CVE-2024-11075

Name of the Vulnerable Software and Affected Versions: Incoming Goods Suite (affected versions not specified) SICK AG products (affected versions not specified)

Description: A vulnerability in the Incoming Goods Suite and SICK AG products allows a user with unprivileged access to the underlying system a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. This misconfiguration can lead to an attacker gaining administrative control over the whole system. The vulnerability is related to insufficient access control and can be exploited to elevate privileges.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.