Description
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device.
Published: 2026-03-03
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthenticated Remote Command Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability allows an attacker to send specially crafted packets to the Labkotec LID-3300IP without any authentication, enabling the alteration of device parameters and execution of operational commands. This results in remote unauthorized control over the device’s configuration and command interface, potentially disrupting operations, bypassing security controls, and compromising confidentiality, integrity, and availability. The weakness is missing authentication for a critical function (CWE-306).

Affected Systems

The affected devices are the Labkotec LID-3300IP and the LID-3300IP Type 2 models running firmware versions prior to V2.40. Devices that are not connected to an Ethernet network are not susceptible. Ice detectors operating exclusively on secure internal networks that adhere to modern security standards, where only authorized devices and users have access, are protected against external threats.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity, while the EPSS score of less than 1% indicates a very low but nonzero exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is the Ethernet interface, and an attacker who can reach the device across the network can send the crafted packets to trigger the unauthenticated command execution.

Generated by OpenCVE AI on April 16, 2026 at 13:57 UTC.

Remediation

Vendor Solution

Labkotec reports that it is not possible to implement secure and encrypted network traffic on the LID-3300IP. For this reason, Labkotec recommends updating ice detectors to the LID-3300IP Type 2 model and installing the latest firmware version V2.40. It is also highly recommended to activate HTTPS for network traffic. The device type and software version can be verified in the web interface. Devices not connected to an Ethernet network are not susceptible to this attack. Ice detectors operating on secure internal networks that adhere to modern security standards, where only authorized devices and users have access, are protected against external threats. Labkotec recommends implementing the following additional security controls: * Do not connect the device to the public Internet * Follow good security practices * Change Default Credentials * Enable Secure Management Access * Network Segmentation * Implement Firewall and Access Controls * Restrict Protocols * Monitor and Alert * Avoid Direct Internet Exposure * Keep Firmware Updated * Control Physical Access * Maintain Inventory and Access Reviews Users can find more information in Labkotec's security advisory ( https://labkotec.fi/wp-content/uploads/CA-000001-Cybersecurity-Advisory.pdf) .

OpenCVE Recommended Actions

  • Upgrade the device to the LID-3300IP Type 2 model and install firmware V2.40 or later
  • Enable HTTPS for all network traffic and secure management access
  • Change default credentials and implement strong, unique passwords
  • Segment the network to restrict access to the device and restrict or filter protocols
  • Apply firewall rules or access controls to limit inbound connections to trusted sources

Generated by OpenCVE AI on April 16, 2026 at 13:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 04 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 04 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Labkotec
Labkotec lid-3300ip
Labkotec lid-3300ip Type 2
Vendors & Products Labkotec
Labkotec lid-3300ip
Labkotec lid-3300ip Type 2

Tue, 03 Mar 2026 21:45:00 +0000

Type Values Removed Values Added
Description The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device.
Title Missing Authentication for Critical Function in Labkotec LID-3300IP
Weaknesses CWE-306
References
Metrics cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Labkotec Lid-3300ip Lid-3300ip Type 2
cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-03-04T21:19:18.229Z

Reserved: 2026-02-02T17:02:21.300Z

Link: CVE-2026-1775

cve-icon Vulnrichment

Updated: 2026-03-04T21:19:08.753Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-03T22:16:27.770

Modified: 2026-03-04T18:08:05.730

Link: CVE-2026-1775

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:00:19Z

Weaknesses