CVE-2024-8751

Summary

A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP address over Sopas ET. This can lead to Denial of Service. Users are recommended to upgrade both MSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this issue.

Affected Software

VendorProductVersion RangeStatus
SICK AGSICK MSC800V1.0 <= <=V4.25affected
SICK AGSICK MSC800S1.0 <= <=S2.93.19affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References