NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-10025

Summary	A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password.
Publication Date	Oct. 17, 2024, 7:15 p.m.
Registration Date	Oct. 18, 2024, 5 a.m.
Last Update	Oct. 18, 2024, 9:52 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://sick.com/psirt
2	https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
3	https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
4	https://www.first.org/cvss/calculator/3.1
5	https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.pdf
6	https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.json

Common Vulnerabilities List