Description

A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password.

INFO

Published Date :

2024-10-17T09:58:03.111Z

Last Modified :

2024-10-17T16:33:53.645Z

Source :

SICK AG
AFFECTED PRODUCTS

The following products are affected by CVE-2024-10025 vulnerability.

Vendors Products
Sick
  • Clv620 Firmware
  • Clv621 Firmware
  • Clv622 Firmware
  • Clv630 Firmware
  • Clv631 Firmware
  • Clv632 Firmware
  • Clv640 Firmware
  • Clv642 Firmware
  • Clv650 Firmware
  • Clv651 Firmware
  • Lector610 Firmware
  • Lector611 Firmware
  • Lector620 Firmware
  • Lector621 Firmware
  • Lector622 Firmware
  • Lector630 Firmware
  • Lector632 Firmware
  • Lector640 Firmware
  • Lector642 Firmware
  • Lector650 Firmware
  • Lector651 Firmware
  • Lector654 Firmware
  • Rfu610-10600 Firmware
  • Rfu610-10601 Firmware
  • Rfu610-10603 Firmware
  • Rfu610-10604 Firmware
  • Rfu610-10605 Firmware
  • Rfu610-10607 Firmware
  • Rfu610-10609 Firmware
  • Rfu610-10610 Firmware
  • Rfu610-10613 Firmware
  • Rfu610-10614 Firmware
  • Rfu610-10618 Firmware
  • Rfu610-10700 Firmware
  • Rfu620-10100 Firmware
  • Rfu620-10101 Firmware
  • Rfu620-10102 Firmware
  • Rfu620-10103 Firmware
  • Rfu620-10104 Firmware
  • Rfu620-10105 Firmware
  • Rfu620-10107 Firmware
  • Rfu620-10108 Firmware
  • Rfu620-10111 Firmware
  • Rfu620-10114 Firmware
  • Rfu620-10118 Firmware
  • Rfu620-10400 Firmware
  • Rfu620-10401 Firmware
  • Rfu620-10500 Firmware
  • Rfu620-10501 Firmware
  • Rfu620-10503 Firmware
  • Rfu620-10504 Firmware
  • Rfu620-10507 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10025.

URL Resource
https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF cve-icon cve-icon
https://sick.com/psirt cve-icon cve-icon
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices cve-icon cve-icon
https://www.first.org/cvss/calculator/3.1 cve-icon cve-icon
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.json cve-icon cve-icon
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.pdf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact