Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2024/12/06 12:38 p.m.9 views

CVE-2024-10776 SICK InspectorP61x and SICK InspectorP62x: missing authentication

Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or load apps that use all features of the product available to a customer...

8.2CVSS6.8AI score0.00481EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/06 12:35 p.m.20 views

CVE-2024-10774 SICK InspectorP61x and SICK InspectorP62x have unauthenticated CROWN APIs

Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication...

7.3CVSS0.00439EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/06 12:31 p.m.13 views

CVE-2024-10773 SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacks

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full access to the device...

9CVSS6.8AI score0.00576EPSS
Exploits0References6
CVE
CVE
added 2024/12/06 12:31 p.m.56 views

CVE-2024-10773

The CVE-2024-10773 entry affects SICK InspectorP61x, InspectorP62x and TiM3xx devices. Root cause: pass-the-hash attacks enabled by hardcoded hidden-user credentials, allowing an attacker to log in as hidden levels and gain full device access. Affected versions are InspectorP61x and InspectorP62x...

9CVSS9AI score0.00576EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/06 12:28 p.m.21 views

CVE-2024-10772 SICK InspectorP61x and SICK InspectorP62x are vulnerable for firmware modification

Since the firmware update is not validated, an attacker can install modified firmware on the device. This has a high impact on the availabilty, integrity and confidentiality up to the complete compromise of the device...

8.8CVSS0.00334EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/06 12:24 p.m.17 views

CVE-2024-10771 SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution

Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker can execute arbitrary system commands in the root user’s contexts...

8.8CVSS8.5AI score0.01074EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/06 12:13 p.m.17 views

CVE-2024-11022 SICK InspectorP61x and SICK InspectorP62x are vulnerable for a replay attack

The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for login and is therefore vulnerable for a replay attack...

5.6CVSS0.00394EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/06 12:13 p.m.8 views

CVE-2024-11022 SICK InspectorP61x and SICK InspectorP62x are vulnerable for a replay attack

The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for login and is therefore vulnerable for a replay attack...

5.6CVSS7.1AI score0.00394EPSS
Exploits0References6
CVE
CVE
added 2024/12/06 12:13 p.m.52 views

CVE-2024-11022

The CVE-2024-11022 entry relates to SICK InspectorP61x/InspectorP62x (and potentially related TiM3xx) where the web server authentication uses a challenge–response that includes nonce and other data, allowing replay of login attempts. Connected documents from SICK PSIRT and CVE records confirm a ...

5.6CVSS5.6AI score0.00394EPSS
Exploits0References6
Rows per page
Query Builder