CVE-2024-10771 HIGH

CVE-2024-10771: SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution

Vendor Sick Ag
Product SICK InspectorP61x
Weakness CWE-94 · Code injection
Published December 6, 2024
Last update May 13, 2026

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker can execute arbitrary system commands in the root user’s contexts.

Key dates

02Disclosure timeline

December 6, 2024 CVE published
May 13, 2026 Record updated