PT-2024-7394 · Sick · Sick Ag Products

Published: 2024-10-16 · Updated: 2024-10-22 · CVE-2024-10025

CVSS v2.0: 9.4 (Critical)

Vector: AV:N/AC:L/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions: SICK products (affected versions not specified)
Description: A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2024-08764
CVE-2024-10025

Affected Products

Sick Ag Products