CVE-2024-10025 (CVSS 9.1): Critical Flaw in SICK Products Exposes Systems to Remote Attacks

CVE-2024-10025

A newly disclosed vulnerability in multiple SICK products, tracked as CVE-2024-10025, has raised significant cybersecurity concerns across industries relying on the company’s automation and sensor technologies. The vulnerability, classified as critical with a CVSS score of 9.1, could allow remote attackers to gain unauthorized access and compromise the affected devices’ integrity and availability.

According to the SICK security advisory, the vulnerability lies in the .sdd files of several SICK products, including CLV6xx, Lector6xx, and RFx6xx models. The issue arises from the use of hard-coded credentials stored in plain text, which could allow attackers to access the system as an “Authorized Client” without authentication if the default passwords have not been changed. “A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code,” the advisory explains.

The products affected by CVE-2024-10025 include:

  • SICK CLV6xx (all versions)
  • SICK Lector6xx (all versions)
  • SICK RFx6xx (all versions)

While a fix has been made available by SICK, the advisory strongly urges users to change their default passwords immediately to prevent exploitation. Customers are strongly advised to change their default passwords, the report emphasizes.

This vulnerability could have severe consequences if left unpatched. Attackers exploiting CVE-2024-10025 could potentially alter or disable the functionality of affected devices, disrupting operations across critical sectors such as logistics, manufacturing, and healthcare. The vulnerability impacts both the integrity and availability of the systems, making it a high-risk issue that requires immediate attention.

SICK has released patches to fix the vulnerability, and organizations are advised to apply these updates as soon as possible. Additionally, the advisory recommends several general security measures to reduce the risk of future attacks. These include minimizing network exposure of affected devices and following best practices to ensure the systems are run in a secure environment.

Related Posts: