CVE-2024-10773 CRITICAL

CVE-2024-10773: SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacks

Vendor Sick Ag
Product SICK InspectorP61x
Weakness CWE-912
Published December 6, 2024
Last update December 9, 2024

CVSS base score

9.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full access to the device.

Key dates

02Disclosure timeline

December 6, 2024 CVE published
December 9, 2024 Record updated