A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| SICK AG | SICK CLV6xx | unaffected |
|
||||||
| SICK AG | SICK Lector6xx | unaffected |
|
||||||
| SICK AG | SICK RFx6xx | unaffected |
|
No data.
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Sick
Subscribe
|
Clv620 Firmware
Subscribe
Clv621 Firmware
Subscribe
Clv622 Firmware
Subscribe
Clv630 Firmware
Subscribe
Clv631 Firmware
Subscribe
Clv632 Firmware
Subscribe
Clv640 Firmware
Subscribe
Clv642 Firmware
Subscribe
Clv650 Firmware
Subscribe
Clv651 Firmware
Subscribe
Lector610 Firmware
Subscribe
Lector611 Firmware
Subscribe
Lector620 Firmware
Subscribe
Lector621 Firmware
Subscribe
Lector622 Firmware
Subscribe
Lector630 Firmware
Subscribe
Lector632 Firmware
Subscribe
Lector640 Firmware
Subscribe
Lector642 Firmware
Subscribe
Lector650 Firmware
Subscribe
Lector651 Firmware
Subscribe
Lector654 Firmware
Subscribe
Rfu610-10600 Firmware
Subscribe
Rfu610-10601 Firmware
Subscribe
Rfu610-10603 Firmware
Subscribe
Rfu610-10604 Firmware
Subscribe
Rfu610-10605 Firmware
Subscribe
Rfu610-10607 Firmware
Subscribe
Rfu610-10609 Firmware
Subscribe
Rfu610-10610 Firmware
Subscribe
Rfu610-10613 Firmware
Subscribe
Rfu610-10614 Firmware
Subscribe
Rfu610-10618 Firmware
Subscribe
Rfu610-10700 Firmware
Subscribe
Rfu620-10100 Firmware
Subscribe
Rfu620-10101 Firmware
Subscribe
Rfu620-10102 Firmware
Subscribe
Rfu620-10103 Firmware
Subscribe
Rfu620-10104 Firmware
Subscribe
Rfu620-10105 Firmware
Subscribe
Rfu620-10107 Firmware
Subscribe
Rfu620-10108 Firmware
Subscribe
Rfu620-10111 Firmware
Subscribe
Rfu620-10114 Firmware
Subscribe
Rfu620-10118 Firmware
Subscribe
Rfu620-10400 Firmware
Subscribe
Rfu620-10401 Firmware
Subscribe
Rfu620-10500 Firmware
Subscribe
Rfu620-10501 Firmware
Subscribe
Rfu620-10503 Firmware
Subscribe
Rfu620-10504 Firmware
Subscribe
Rfu620-10507 Firmware
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-32875 | A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password. |
Fixes
Solution
Customers are strongly advised to change their default passwords.
Workaround
No workaround given by the vendor.
References
History
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 17 Oct 2024 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Sick
Sick clv620 Firmware Sick clv621 Firmware Sick clv622 Firmware Sick clv630 Firmware Sick clv631 Firmware Sick clv632 Firmware Sick clv640 Firmware Sick clv642 Firmware Sick clv650 Firmware Sick clv651 Firmware Sick lector610 Firmware Sick lector611 Firmware Sick lector620 Firmware Sick lector621 Firmware Sick lector622 Firmware Sick lector630 Firmware Sick lector632 Firmware Sick lector640 Firmware Sick lector642 Firmware Sick lector650 Firmware Sick lector651 Firmware Sick lector654 Firmware Sick rfu610-10600 Firmware Sick rfu610-10601 Firmware Sick rfu610-10603 Firmware Sick rfu610-10604 Firmware Sick rfu610-10605 Firmware Sick rfu610-10607 Firmware Sick rfu610-10609 Firmware Sick rfu610-10610 Firmware Sick rfu610-10613 Firmware Sick rfu610-10614 Firmware Sick rfu610-10618 Firmware Sick rfu610-10700 Firmware Sick rfu620-10100 Firmware Sick rfu620-10101 Firmware Sick rfu620-10102 Firmware Sick rfu620-10103 Firmware Sick rfu620-10104 Firmware Sick rfu620-10105 Firmware Sick rfu620-10107 Firmware Sick rfu620-10108 Firmware Sick rfu620-10111 Firmware Sick rfu620-10114 Firmware Sick rfu620-10118 Firmware Sick rfu620-10400 Firmware Sick rfu620-10401 Firmware Sick rfu620-10500 Firmware Sick rfu620-10501 Firmware Sick rfu620-10503 Firmware Sick rfu620-10504 Firmware Sick rfu620-10507 Firmware |
|
| CPEs | cpe:2.3:o:sick:clv620_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv621_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv622_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv630_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv631_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv632_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv640_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv642_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv650_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:clv651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector610_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:lector611_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:lector620_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector621_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector622_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector630_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector632_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector640_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector642_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector650_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lector654_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10600_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10601_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10603_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10604_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10605_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10607_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10609_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10610_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10613_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10614_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10618_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu610-10700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10100_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10101_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10102_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10103_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10104_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10105_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10107_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10108_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10111_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10114_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10118_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10401_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10501_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10503_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10504_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:rfu620-10507_firmware:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Sick
Sick clv620 Firmware Sick clv621 Firmware Sick clv622 Firmware Sick clv630 Firmware Sick clv631 Firmware Sick clv632 Firmware Sick clv640 Firmware Sick clv642 Firmware Sick clv650 Firmware Sick clv651 Firmware Sick lector610 Firmware Sick lector611 Firmware Sick lector620 Firmware Sick lector621 Firmware Sick lector622 Firmware Sick lector630 Firmware Sick lector632 Firmware Sick lector640 Firmware Sick lector642 Firmware Sick lector650 Firmware Sick lector651 Firmware Sick lector654 Firmware Sick rfu610-10600 Firmware Sick rfu610-10601 Firmware Sick rfu610-10603 Firmware Sick rfu610-10604 Firmware Sick rfu610-10605 Firmware Sick rfu610-10607 Firmware Sick rfu610-10609 Firmware Sick rfu610-10610 Firmware Sick rfu610-10613 Firmware Sick rfu610-10614 Firmware Sick rfu610-10618 Firmware Sick rfu610-10700 Firmware Sick rfu620-10100 Firmware Sick rfu620-10101 Firmware Sick rfu620-10102 Firmware Sick rfu620-10103 Firmware Sick rfu620-10104 Firmware Sick rfu620-10105 Firmware Sick rfu620-10107 Firmware Sick rfu620-10108 Firmware Sick rfu620-10111 Firmware Sick rfu620-10114 Firmware Sick rfu620-10118 Firmware Sick rfu620-10400 Firmware Sick rfu620-10401 Firmware Sick rfu620-10500 Firmware Sick rfu620-10501 Firmware Sick rfu620-10503 Firmware Sick rfu620-10504 Firmware Sick rfu620-10507 Firmware |
|
| Metrics |
ssvc
|
Thu, 17 Oct 2024 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an “Authorized Client” if the customer has not changed the default password. | |
| Title | Vulnerability in SICK CLV6xx, SICK Lector6xx and SICK RFx6xx | |
| Weaknesses | CWE-798 | |
| References |
|
|
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: SICK AG
Published:
Updated: 2024-10-17T16:33:53.645Z
Reserved: 2024-10-16T07:45:23.632Z
Link: CVE-2024-10025
Vulnrichment
Updated: 2024-10-17T13:46:41.657Z
NVD
Status : Awaiting Analysis
Published: 2024-10-17T10:15:03.127
Modified: 2024-10-18T12:52:33.507
Link: CVE-2024-10025
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses