Security Experts:

Connect with us

Hi, what are you looking for?



Hardcoded Credentials Expose SICK Controllers to Remote Attacks

A researcher has discovered that remote hackers could reconfigure or disrupt MSC800 modular system controllers from Germany-based sensor maker SICK due to the existence of hardcoded credentials.

A researcher has discovered that remote hackers could reconfigure or disrupt MSC800 modular system controllers from Germany-based sensor maker SICK due to the existence of hardcoded credentials.

The affected controllers, which according to the U.S. Department of Homeland Security (DHS) are used worldwide, particularly in the critical manufacturing sector, are affected by a critical vulnerability tracked as CVE-2019-10979.

SICK controller

The issue is related to the existence of hardcoded credentials in the firmware of affected products, allowing a low-skilled attacker to remotely reconfigure the controller’s settings or disrupt its functionality.

In an advisory published recently, SICK said it was not aware of any public exploits specifically targeting this vulnerability.

The hardcoded credentials exist in MSC800 controllers running versions of the firmware prior to 4.0, which patches the flaw.

Learn More About Flaws in Industrial Products at SecurityWeek’s 2019 ICS Cyber Security Conference

According to SICK, version 4.0 of the firmware allows users to change the default password and prevent configuring the device over network interfaces, which can be particularly useful for critical infrastructure organizations.

“As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment,” SICK said.

Tri Quach of Amazon’s Customer Fulfillment Technology Security (CFTS) has been credited for finding and reporting the vulnerability to the DHS’s National Cybersecurity & Communications Integration Center (NCCIC).

Related: Two Vulnerabilities Expose Rockwell Controllers to DoS Attacks

Related: Flaw in Schneider PLC Allows Significant Disruption to ICS

Related: Flaw Exposes Mitsubishi PLCs to Remote DoS Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...