SCA-2026-0009
Vulnerability from csaf_sick - Published: 2026-07-16 13:00 - Updated: 2026-07-16 13:00Summary
Vulnerability in several Endress+Hauser products
Notes
Summary: A vulnerability was discovered in several Endress+Hauser products that can be accessed via ethernet.
Impact: If exploited, this vulnerability allows a remote unauthenticated attacker to modify the IP address of the product through the SopasET interface, potentially leading to Denial of Service. There are currently no known public exploits specifically targeting this vulnerability.
Mitigation: As general security measures, it is recommended to minimize network exposure of the devices, restrict network access, and follow recommended security practices in order to operate the devices in a protected IT environment.
Remediation: Customers are strongly advised to apply the recommended mitigation for the affected vulnerabilities to reduce potential risk.
General Recommendation: As general security measures, it is recommended to minimize network exposure of the devices, restrict network access, and follow recommended security practices in order to operate the devices in a protected IT environment.
A vulnerability allows a remote unauthenticated attacker to modify the product's IP address over the Sopas ET interface. This can lead to a Denial of Service attack.
7.5 (High)
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31002 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31003 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31004 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31005 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31006 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31007 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31008 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31009 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31010 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31011 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31012 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31013 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31015 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31016 | — |
Mitigation
|
|
| Unresolved product id: CSAFPID-31017 | — |
Mitigation
|
References
5 references
| URL | Category |
|---|---|
| https://www.endress.com | external |
| https://sick.com/psirt | |
| https://www.cisa.gov/resources-tools/resources/ic… | external |
| https://www.first.org/cvss/calculator/3.1 | external |
| https://www.sick.com/.well-known/csaf/white/2026/… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "A vulnerability was discovered in several Endress+Hauser products that can be accessed via ethernet.",
"title": "Summary"
},
{
"category": "description",
"text": "If exploited, this vulnerability allows a remote unauthenticated attacker to modify the IP address of the product through the SopasET interface, potentially leading to Denial of Service. There are currently no known public exploits specifically targeting this vulnerability.",
"title": "Impact"
},
{
"category": "description",
"text": "As general security measures, it is recommended to minimize network exposure of the devices, restrict network access, and follow recommended security practices in order to operate the devices in a protected IT environment.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Customers are strongly advised to apply the recommended mitigation for the affected vulnerabilities to reduce potential risk.",
"title": "Remediation"
},
{
"category": "general",
"text": "As general security measures, it is recommended to minimize network exposure of the devices, restrict network access, and follow recommended security practices in order to operate the devices in a protected IT environment.",
"title": "General Recommendation"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"category": "external",
"summary": "Endress+Hauser",
"url": "https://www.endress.com"
},
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"category": "external",
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2026/SCA-2026-0009.json"
}
],
"title": "Vulnerability in several Endress+Hauser products",
"tracking": {
"aliases": [
"SCA-2026-0009"
],
"current_release_date": "2026-07-16T13:00:00.000Z",
"generator": {
"date": "2026-07-16T13:00:00.000Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.29"
}
},
"id": "SCA-2026-0009",
"initial_release_date": "2026-07-16T13:00:00.000Z",
"revision_history": [
{
"date": "2026-07-16T13:00:00.000Z",
"number": "1.0.0",
"summary": "Initial version"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MARSIC200 all versions",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "MARSIC200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MARSIC280 all versions",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_name",
"name": "MARSIC280"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MARSIC300 all versions",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_name",
"name": "MARSIC300"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MCS100FT all versions",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_name",
"name": "MCS100FT"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MCS200HW all versions",
"product_id": "CSAFPID-11005"
}
}
],
"category": "product_name",
"name": "MCS200HW"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MCS300P all versions",
"product_id": "CSAFPID-11006"
}
}
],
"category": "product_name",
"name": "MCS300P"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MERCEM300Z all versions",
"product_id": "CSAFPID-11007"
}
}
],
"category": "product_name",
"name": "MERCEM300Z"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser SAM800 all versions",
"product_id": "CSAFPID-11008"
}
}
],
"category": "product_name",
"name": "SAM800"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser SIPROCESS all versions",
"product_id": "CSAFPID-11009"
}
}
],
"category": "product_name",
"name": "SIPROCESS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser GMS800 all versions",
"product_id": "CSAFPID-11010"
}
}
],
"category": "product_name",
"name": "GMS800"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser GMS800 FIDOR all versions",
"product_id": "CSAFPID-11011"
}
}
],
"category": "product_name",
"name": "GMS800 FIDOR"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser GM32 all versions",
"product_id": "CSAFPID-11012"
}
}
],
"category": "product_name",
"name": "GM32"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser VICOTEC320 all versions",
"product_id": "CSAFPID-11013"
}
}
],
"category": "product_name",
"name": "VICOTEC320"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MCU ETH-Service and Modbus-TCP Module all versions",
"product_id": "CSAFPID-11015"
}
}
],
"category": "product_name",
"name": "MCU ETH-Service and Modbus-TCP Module"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser FLPS all versions",
"product_id": "CSAFPID-11016"
}
}
],
"category": "product_name",
"name": "FLPS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser MES1B B\u0026B Converter all versions",
"product_id": "CSAFPID-11017"
}
}
],
"category": "product_name",
"name": "MES1B B\u0026B Converter"
}
],
"category": "product_family",
"name": "Extractive Analyzer"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MARSIC200 Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MARSIC280 Firmware vers:all/*",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MARSIC300 Firmware vers:all/*",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MCS100FT Firmware vers:all/*",
"product_id": "CSAFPID-21004"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MCS200HW Firmware vers:all/*",
"product_id": "CSAFPID-21005"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MCS300P Firmware vers:all/*",
"product_id": "CSAFPID-21006"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MERCEM300Z Firmware vers:all/*",
"product_id": "CSAFPID-21007"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SAM800 Firmware vers:all/*",
"product_id": "CSAFPID-21008"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIPROCESS Firmware vers:all/*",
"product_id": "CSAFPID-21009"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "GMS800 Firmware vers:all/*",
"product_id": "CSAFPID-21010"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "GMS800 FIDOR Firmware vers:all/*",
"product_id": "CSAFPID-21011"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "GM32 Firmware vers:all/*",
"product_id": "CSAFPID-21012"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "VICOTEC320 Firmware vers:all/*",
"product_id": "CSAFPID-21013"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MCU ETH-Service and Modbus-TCP Module Firmware vers:all/*",
"product_id": "CSAFPID-21015"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "FLPS Firmware vers:all/*",
"product_id": "CSAFPID-21016"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "MES1B B\u0026B Converter Firmware vers:all/*",
"product_id": "CSAFPID-21017"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Endress+Hauser"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MARSIC200 all firmware versions",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MARSIC280 all firmware versions",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MARSIC300 all firmware versions",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MCS100FT all firmware versions",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MCS200HW all firmware versions",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21005",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MCS300P all firmware versions",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21006",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MERCEM300Z all firmware versions",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21007",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser SAM800 all firmware versions",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21008",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser SIPROCESS all firmware versions",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21009",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser GMS800 all firmware versions",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21010",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser GMS800 FIDOR all firmware versions",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser GM32 all firmware versions",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21012",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser VICOTEC320 all firmware versions",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21013",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MCU ETH-Service and Modbus-TCP Module all firmware versions",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser FLPS all firmware versions",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21016",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser MES1B B\u0026B Converter all firmware versions",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-21017",
"relates_to_product_reference": "CSAFPID-11017"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8751",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability allows a remote unauthenticated attacker to modify the product\u0027s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017"
]
}
],
"title": "CVE-2024-8751"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…