Anomalous Authentication Behavior in H2-DM1E PLCs

CVE-2024-45368

8.8HIGH

Key Information

Vendor: Automationdirect
Status: Directlogic H2-dm1e
Vendor: CVE Published:; 13 September 2024

Summary

The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets as valid authentication responses. This behavior deviates from standard security practices where a single, specific response or encoding pattern is expected for successful authentication.

Affected Version(s)

DirectLogic H2-DM1E <= 2.8.0

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 13, 2024
Vulnerability Reserved.
Sep 5, 2024

Collectors

NVD DatabaseMitre Database

Credit

Daniel Davenport, Nicholas Meier, Matthew Zelinsky, and Ryan Silva of John Hopkins Applied Physics Lab reported these vulnerabilities to CISA.