CVE-2024-10771

HIGH 8.8

SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution

CVSS Score

8.8

EPSS Score

4.5%

EPSS Percentile

89th

Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker can execute arbitrary system commands in the root user’s contexts.

CWE	CWE-94
Vendor	sick ag
Product	sick inspectorp61x
Published	Dec 6, 2024
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for sick ag sick inspectorp61x

Be the first to know when new high vulnerabilities affecting sick ag sick inspectorp61x are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

SICK AG / SICK InspectorP61x

0 < <5.0.0

SICK AG / SICK InspectorP62x

0 < <5.0.0

SICK AG / TiM3xx

0 < <5.10.0

SICK AG / TDC-X401GL

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

sick.com: https://sick.com/psirt cdn.sick.com: https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF cisa.gov: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices first.org: https://www.first.org/cvss/calculator/3.1 sick.com: https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf sick.com: https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json

Credits

Manuel Stotz Tobias Jaeger