Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

AutomationDirect DirectLogic PLC Issues

September 12, 2024
Reading Time: 2 mins read
in Alerts

AutomationDirect‘s DirectLogic H2-DM1E, a programmable logic controller (PLC), is no longer supported due to its age and inherent architectural limitations. Despite its discontinuation, the product has been found to contain critical vulnerabilities that could allow attackers to hijack authenticated sessions or bypass authentication altogether. The vulnerabilities, identified by researchers at Johns Hopkins Applied Physics Lab, include session fixation and authentication bypass, both of which are exploitable through adjacent network access. These vulnerabilities impact versions 2.8.0 and earlier of the H2-DM1E, with CVEs assigned as 2024-43099 and 2024-45368, each receiving high CVSS scores of 8.8.

In the session hijacking vulnerability, attackers could exploit the PLC’s application layer control mechanism by capturing session keys used to maintain secure connections between a host PC and the PLC. Once a session key is captured, attackers could inject traffic into an ongoing session, essentially taking over the communication. This attack requires spoofing the originating host’s IP and MAC addresses, which is typical of session hijacking attacks. Similarly, the PLC’s authentication protocol was found to have an anomaly where it accepted multiple valid responses for authentication, which is a deviation from standard security protocols.

Although no known exploits for these vulnerabilities have been reported, the risks remain significant due to their low complexity, meaning that attackers could leverage them with relatively little effort. The H2-DM1E is used in various critical infrastructure sectors, including manufacturing, dams, and food and agriculture, with global deployment. Given that this PLC is no longer supported by AutomationDirect, and its security flaws could not be addressed within the secure development lifecycle, the company has strongly recommended a transition to more secure and actively maintained systems.

To mitigate the risks posed by these vulnerabilities, AutomationDirect has provided several strategies. First, they recommend upgrading to the BRX platform, which meets current security standards and is actively maintained. Additionally, they advise implementing network segmentation and air gapping to isolate the older H2-DM1E technology from broader network environments, thereby minimizing exposure to potential threats. The company also suggests deploying a StrideLinx secure VPN platform to enhance network security and further protect against external attacks. These measures are intended to reduce the impact of security vulnerabilities and ensure a safer operational environment.

 

Reference:

  • AutomationDirect DirectLogic H2-DM1E

Tags: AutomationDirectCyber AlertsCyber Alerts 2024Cyber threatsDirectLogic H2-DM1ESeptember 2024Vulnerabilities
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial