CVE-2024-10772

Summary

Since the firmware update is not validated, an attacker can install modified firmware on the device. This has a high impact on the availabilty, integrity and confidentiality up to the complete compromise of the device.

Affected Software

VendorProductVersion RangeStatus
SICK AGSICK InspectorP61x0 < <5.0.0affected
SICK AGSICK InspectorP62x0 < <5.0.0affected

Weaknesses

  • CWE-649: CWE-649 Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References