OTPulse

Datalogic AV7000 Linear Barcode Scanner

Priority: Plan Patch (score 8.8)
Source: ICS-CERT ICSA-19-239-02, Aug 27, 2019
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

The Datalogic AV7000 Linear Barcode Scanner contains improper authentication in its HTTP authentication process (CWE-288), allowing remote attackers to bypass login without valid credentials. The vulnerability affects all firmware versions prior to 4.6.0.0. Datalogic has released a new firmware version to mitigate this issue, available by contacting Datalogic service representatives.

What this means
What could happen
An attacker with network access could bypass authentication on the AV7000 barcode scanner, potentially gaining unauthorized control of the device or the data it processes. This could disrupt inventory tracking, shipping operations, or data integrity in supply chain workflows.
Who's at risk
This affects organizations operating Datalogic AV7000 barcode scanners in warehouse and logistics operations, retail point-of-sale systems, and manufacturing/assembly lines where barcode scanning is part of the material handling process.
How it could be exploited
An attacker on your network sends a specially crafted HTTP request to the AV7000 scanner's web interface, exploiting the weakness in the authentication process to bypass the login. Once past the login, the attacker could reconfigure the scanner, extract scanned barcode data, or cause the device to stop functioning.
Prerequisites
  • Network access to the AV7000 web interface (typically port 80 or 443)
  • No valid credentials required for exploitation
Tags: Remotely exploitable · No authentication required · Low complexity attack · Affects networked inventory/data collection systems
Exploitability
Low exploit probability (EPSS 0.6%)
Affected products (1)
Product: AV7000 Linear Barcode Scanner (All)
Affected versions: < 4.6.0.0
Fix status: 4.6.0.0
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the AV7000 scanner to only authorized workstations using firewall rules
HARDENING: Disable direct Internet access to the AV7000 scanner and place it on a segmented network isolated from business systems
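As an added illustration of the two "Do now" items above (this is not part of the OTPulse advisory or of Datalogic's guidance), the following POSIX shell function generates an nftables ruleset for a Linux gateway that sits in front of the scanner's segment: only an allow-list of workstation addresses is forwarded to the scanner's web interface on TCP 80/443, and every other attempt to reach that interface is logged and dropped, which also gives the SOC a signal for unauthorized probing. The scanner address, the workstation addresses and the table name av7000_guard are placeholders.

```shell
#!/bin/sh
# Constructed example, not OTPulse or Datalogic content. Emits an nftables
# ruleset (to stdout) for a Linux gateway in front of the AV7000 that forwards
# only authorized workstations to the scanner's web interface (TCP 80/443) and
# logs + drops everything else. All addresses below are placeholders.
#
# Usage: av7000_ruleset <scanner_ip> <allowed_ip> [<allowed_ip> ...]
# Apply on the gateway with:  av7000_ruleset 192.0.2.10 192.0.2.20 | nft -f -
av7000_ruleset() {
    scanner="$1"
    shift
    # Refuse to build a ruleset with an empty allow-list: the accept rule
    # would be malformed and the drop rule would cut off all management access.
    [ "$#" -ge 1 ] || { echo "av7000_ruleset: need at least one authorized address" >&2; return 1; }

    # Build the comma-separated nftables set of authorized source addresses
    allowed=""
    for ip in "$@"; do
        if [ -z "$allowed" ]; then
            allowed="$ip"
        else
            allowed="$allowed, $ip"
        fi
    done

    cat <<EOF
table inet av7000_guard {
    chain forward {
        type filter hook forward priority filter; policy accept;
        # Authorized workstations may reach the scanner's web interface
        ip daddr $scanner tcp dport { 80, 443 } ip saddr { $allowed } accept
        # Any other host reaching the web interface is logged, then dropped
        ip daddr $scanner tcp dport { 80, 443 } log prefix "av7000-web-denied " drop
    }
}
EOF
}

# Stand-alone run: print a ruleset for one scanner and two workstations
av7000_ruleset 192.0.2.10 192.0.2.20 192.0.2.21
```

The log prefix is deliberate: forwarding the gateway's kernel log to the SIEM turns every denied connection to the scanner's web interface into a review item, which is the detection half of the network-restriction workaround.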
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade AV7000 firmware to version 4.6.0.0 or later
Long-term hardening
HARDENING: If remote access is required, use a VPN with strong authentication and keep it updated