OTPulse
FeedAboutContact

Telecrane F25 Series

Plan Patch7.6ICS-CERT ICSA-18-296-03Oct 23, 2018
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

The Telecrane F25 Series wireless hoist control device does not properly authenticate or protect command messages, allowing an attacker with network or wireless proximity to view, replay, or forge control commands. Successful exploitation could allow unauthorized users to control the device, change operational parameters, or stop the hoist during operation. The vulnerability affects all F25 Series devices running firmware versions prior to 00.0A.

What this means
What could happen
An attacker could intercept, replay, or forge commands sent to the Telecrane F25 hoist control device, allowing unauthorized control of the hoist or stopping it during operation, which could halt production or create safety hazards.
Who's at risk
Any facility operating Telecrane F25 Series wireless hoist control systems, including manufacturing plants, warehouses, ports, and construction sites that rely on this equipment for material handling. Maintenance and operations staff who depend on hoist control are directly affected.
How it could be exploited
An attacker on the same network as the F25 device could capture wireless or network commands sent to the hoist, replay them to execute unauthorized movement, or craft new commands to stop the device or change its operation. This requires physical or network proximity to the device.
Prerequisites
  • Network or wireless access to the same segment as the F25 device (adjacent network)
  • Ability to capture or observe command traffic to/from the device
  • No valid credentials or authentication required
No authentication required on commandsLow attack complexityNetwork-adjacent attacker can replay or forge commandsAffects safety-critical lifting operationsNo known public exploit but actively exploitable
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
ProductAffected VersionsFix Status
F25 Series: all< 00.0A00.0A
Remediation & Mitigation
0/3
Do now
0/2
HARDENINGRestrict network access to F25 devices—do not connect to the Internet and place behind firewall isolation from business networks
HARDENINGIf remote access is required, use a VPN to secure command channels, and ensure VPN software is kept current
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade F25 firmware to version 00.0A or later through your authorized Telecrane product distributor
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/c55dfaec-fcb1-4d8a-abcc-13c472c74433