In a significant update for the industrial automation sector, SICK PSIRT has issued a high-priority security advisory regarding two critical vulnerabilities affecting the Lector85x and Lector83x product families. These high-performance image-based code readers are central to many logistics and manufacturing pipelines, but a newly discovered lack of access restrictions could allow unauthenticated attackers to hijack device settings.
The advisory, released on March 6, 2026, details two distinct flaws that both stem from “insufficient access restrictions in HTTP-based interfaces”. These gaps in security could allow an unauthenticated attacker to bypass standard protections and interact directly with the device’s internal resources.
The first flaw, CVE-2026-2330 (CVSS 9.4), involves restricted filesystem areas that were accidentally left out of a security whitelist intended for internal testing. According to the advisory, “An unauthenticated attacker could place a manipulated parameter file that becomes active after a reboot, allowing modification of critical device settings, including network configuration and application parameters”.
The second vulnerability, CVE-2026-2331, is even more severe, with a CVSS score of 9.8. It exposes a critical directory through the HTTP-based file access feature. This exposure is particularly dangerous because the directory “includes device parameter files, enabling an attacker to read and modify application settings, including customer-defined passwords”.
Furthermore, SICK warns that this flaw could allow the execution of arbitrary Lua code within the device’s sandboxed environment.