1 Advisory Published – 9-25-25

Today CISA’s NCCIC-ICS published a control system security advisory for products from Dingtian.

Dingtian Advisory

This advisory describes two insufficiently protected credentials vulnerabilities in the Dingtian DT-R002 relay board. The vulnerabilities were reported to CISA by Nicolas Cano and Reid Wightman of Dragos. CISA notes that “Dingtian has not responded to requests to work with CISA to mitigate these vulnerabilities.”

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerability to allow an attacker to retrieve credentials without authentication.

NOTE: In addition to the normal CISA tailored recommendations for generic mitigation measures found in almost all CISA advisories, CISA also repeats a vulnerability-specific recommendation from the researchers who reported the vulnerabilities:

“Restrict access to HTTP (TCP/80), and the Dingtian Protocol on (UDP/60000) and (UDP/60001).”

This is the type of work around that we would normally expect from vendors to provide owners/users protection measures pending implementation of a more permanent fix.