CVE-2024-10771 (GCVE-0-2024-10771)

Vulnerability from cvelistv5 – Published: 2024-12-06 12:24 – Updated: 2024-12-09 14:47
VLAI?
Summary
Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker can execute arbitrary system commands in the root user’s contexts.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
Vendor Product Version
SICK AG SICK InspectorP61x Affected: 0 , < <5.0.0 (custom)
Create a notification for this product.
    SICK AG SICK InspectorP62x Affected: 0 , < <5.0.0 (custom)
Create a notification for this product.
    SICK AG TiM3xx Affected: 0 , < <5.10.0 (custom)
Create a notification for this product.
Credits
Manuel Stotz Tobias Jaeger
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:sick:inspector61x_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "inspector61x_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:inspector62x_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "inspector62x_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:sick:tim3xx:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "tim3xx",
            "vendor": "sick",
            "versions": [
              {
                "lessThan": "5.10.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10771",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-09T14:46:19.943493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-09T14:47:30.064Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SICK InspectorP61x",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SICK InspectorP62x",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TiM3xx",
          "vendor": "SICK AG",
          "versions": [
            {
              "lessThan": "\u003c5.10.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Manuel Stotz"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Tobias Jaeger"
        }
      ],
      "datePublic": "2024-12-06T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Due to missing input validation during one step of the firmware update process, the product\nis vulnerable to remote code execution. With network access and the user level \u201dService\u201d, an attacker\ncan execute arbitrary system commands in the root user\u2019s contexts."
            }
          ],
          "value": "Due to missing input validation during one step of the firmware update process, the product\nis vulnerable to remote code execution. With network access and the user level \u201dService\u201d, an attacker\ncan execute arbitrary system commands in the root user\u2019s contexts."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-06T12:24:40.610Z",
        "orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
        "shortName": "SICK AG"
      },
      "references": [
        {
          "tags": [
            "x_SICK PSIRT Website"
          ],
          "url": "https://sick.com/psirt"
        },
        {
          "tags": [
            "x_SICK Operating Guidelines"
          ],
          "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
        },
        {
          "tags": [
            "x_ICS-CERT recommended practices on Industrial Security"
          ],
          "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
        },
        {
          "tags": [
            "x_CVSS v3.1 Calculator"
          ],
          "url": "https://www.first.org/cvss/calculator/3.1"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf"
        },
        {
          "tags": [
            "vendor-advisory",
            "x_csaf"
          ],
          "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For InspectorP61x and InspectorP62x: Customers are strongly recommended to upgrade to the latest release."
            }
          ],
          "value": "For InspectorP61x and InspectorP62x: Customers are strongly recommended to upgrade to the latest release."
        }
      ],
      "source": {
        "advisory": "SCA-2024-0006",
        "discovery": "EXTERNAL"
      },
      "title": "SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For TiM3xx:\u0026nbsp;\n\nWe recommend updating the firmware only in a trusted environment."
            }
          ],
          "value": "For TiM3xx:\u00a0\n\nWe recommend updating the firmware only in a trusted environment."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
    "assignerShortName": "SICK AG",
    "cveId": "CVE-2024-10771",
    "datePublished": "2024-12-06T12:24:40.610Z",
    "dateReserved": "2024-11-04T13:06:55.136Z",
    "dateUpdated": "2024-12-09T14:47:30.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Due to missing input validation during one step of the firmware update process, the product\\nis vulnerable to remote code execution. With network access and the user level \\u201dService\\u201d, an attacker\\ncan execute arbitrary system commands in the root user\\u2019s contexts.\"}, {\"lang\": \"es\", \"value\": \"Debido a la falta de validaci\\u00f3n de entrada durante un paso del proceso de actualizaci\\u00f3n del firmware, el producto es vulnerable a la ejecuci\\u00f3n remota de c\\u00f3digo. Con acceso a la red y el nivel de usuario \\\"Servicio\\\", un atacante puede ejecutar comandos arbitrarios del sistema en los contextos del usuario ra\\u00edz.\"}]",
      "id": "CVE-2024-10771",
      "lastModified": "2024-12-06T13:15:04.797",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@sick.de\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-12-06T13:15:04.797",
      "references": "[{\"url\": \"https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF\", \"source\": \"psirt@sick.de\"}, {\"url\": \"https://sick.com/psirt\", \"source\": \"psirt@sick.de\"}, {\"url\": \"https://www.cisa.gov/resources-tools/resources/ics-recommended-practices\", \"source\": \"psirt@sick.de\"}, {\"url\": \"https://www.first.org/cvss/calculator/3.1\", \"source\": \"psirt@sick.de\"}, {\"url\": \"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json\", \"source\": \"psirt@sick.de\"}, {\"url\": \"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf\", \"source\": \"psirt@sick.de\"}]",
      "sourceIdentifier": "psirt@sick.de",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"psirt@sick.de\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-10771\",\"sourceIdentifier\":\"psirt@sick.de\",\"published\":\"2024-12-06T13:15:04.797\",\"lastModified\":\"2024-12-06T13:15:04.797\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Due to missing input validation during one step of the firmware update process, the product\\nis vulnerable to remote code execution. With network access and the user level \u201dService\u201d, an attacker\\ncan execute arbitrary system commands in the root user\u2019s contexts.\"},{\"lang\":\"es\",\"value\":\"Debido a la falta de validaci\u00f3n de entrada durante un paso del proceso de actualizaci\u00f3n del firmware, el producto es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo. Con acceso a la red y el nivel de usuario \\\"Servicio\\\", un atacante puede ejecutar comandos arbitrarios del sistema en los contextos del usuario ra\u00edz.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@sick.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@sick.de\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"references\":[{\"url\":\"https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF\",\"source\":\"psirt@sick.de\"},{\"url\":\"https://sick.com/psirt\",\"source\":\"psirt@sick.de\"},{\"url\":\"https://www.cisa.gov/resources-tools/resources/ics-recommended-practices\",\"source\":\"psirt@sick.de\"},{\"url\":\"https://www.first.org/cvss/calculator/3.1\",\"source\":\"psirt@sick.de\"},{\"url\":\"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json\",\"source\":\"psirt@sick.de\"},{\"url\":\"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf\",\"source\":\"psirt@sick.de\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-10771\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-09T14:46:19.943493Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:sick:inspector61x_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"sick\", \"product\": \"inspector61x_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:sick:inspector62x_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"sick\", \"product\": \"inspector62x_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:sick:tim3xx:*:*:*:*:*:*:*:*\"], \"vendor\": \"sick\", \"product\": \"tim3xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.10.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-09T14:47:22.147Z\"}}], \"cna\": {\"title\": \"SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution\", \"source\": {\"advisory\": \"SCA-2024-0006\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Manuel Stotz\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Tobias Jaeger\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SICK AG\", \"product\": \"SICK InspectorP61x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"\u003c5.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SICK AG\", \"product\": \"SICK InspectorP62x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"\u003c5.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SICK AG\", \"product\": \"TiM3xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"\u003c5.10.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"For InspectorP61x and InspectorP62x: Customers are strongly recommended to upgrade to the latest release.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"For InspectorP61x and InspectorP62x: Customers are strongly recommended to upgrade to the latest release.\", \"base64\": false}]}], \"datePublic\": \"2024-12-06T12:00:00.000Z\", \"references\": [{\"url\": \"https://sick.com/psirt\", \"tags\": [\"x_SICK PSIRT Website\"]}, {\"url\": \"https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF\", \"tags\": [\"x_SICK Operating Guidelines\"]}, {\"url\": \"https://www.cisa.gov/resources-tools/resources/ics-recommended-practices\", \"tags\": [\"x_ICS-CERT recommended practices on Industrial Security\"]}, {\"url\": \"https://www.first.org/cvss/calculator/3.1\", \"tags\": [\"x_CVSS v3.1 Calculator\"]}, {\"url\": \"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json\", \"tags\": [\"vendor-advisory\", \"x_csaf\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"For TiM3xx:\\u00a0\\n\\nWe recommend updating the firmware only in a trusted environment.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"For TiM3xx:\u0026nbsp;\\n\\nWe recommend updating the firmware only in a trusted environment.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Due to missing input validation during one step of the firmware update process, the product\\nis vulnerable to remote code execution. With network access and the user level \\u201dService\\u201d, an attacker\\ncan execute arbitrary system commands in the root user\\u2019s contexts.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Due to missing input validation during one step of the firmware update process, the product\\nis vulnerable to remote code execution. With network access and the user level \\u201dService\\u201d, an attacker\\ncan execute arbitrary system commands in the root user\\u2019s contexts.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a6863dd2-93fc-443d-bef1-79f0b5020988\", \"shortName\": \"SICK AG\", \"dateUpdated\": \"2024-12-06T12:24:40.610Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-10771\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-09T14:47:30.064Z\", \"dateReserved\": \"2024-11-04T13:06:55.136Z\", \"assignerOrgId\": \"a6863dd2-93fc-443d-bef1-79f0b5020988\", \"datePublished\": \"2024-12-06T12:24:40.610Z\", \"assignerShortName\": \"SICK AG\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.