SICK Lector8xx and InspectorP8xx Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in the SICK Lector8xx and SICK InspectorP8xx product lines. This vulnerability allows remote attackers with low privileges to execute arbitrary shell commands on the affected devices. The issue arises from the ability to manipulate firmware files or use lower-level functions to interact with the device's command execution environment.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of shell commands on the affected device.

Remediation

Users are advised to upgrade to the latest versions of the Lector8xx (version 2.4.0 or later) and the InspectorP8xx (version 3.11.1 or later) that include patches for this vulnerability. It is also recommended to set a secure password, following the operating instructions available in the reference section.
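The fixed-version thresholds above can be checked against a device inventory. The following is an added example, not code from SICK or from this page; the CSV columns, host names, and the assumption that firmware is recorded as a plain dotted version string are hypothetical. It compares versions numerically, because a plain string comparison would wrongly rank 3.9 above 3.11.1.

```python
import csv
import io
import re

# Minimum fixed firmware per product family, as stated in the Remediation text.
FIXED = {"Lector8xx": (2, 4, 0), "InspectorP8xx": (3, 11, 1)}

def parse_version(text):
    """Return a 3-tuple of ints, or None if text is not a plain dotted version."""
    m = re.fullmatch(r"[vV]?(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    if not m:
        return None
    # Missing components count as 0, so "2.4" is treated as 2.4.0.
    return tuple(int(g or 0) for g in m.groups())

def triage(inventory_csv):
    """Map each host to 'patched', 'vulnerable', 'unknown' or 'not-listed'."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        fixed = FIXED.get(row["product"].strip())
        version = parse_version(row["firmware"])
        if fixed is None:
            status = "not-listed"   # product family not named in this advisory
        elif version is None:
            status = "unknown"      # unparsable version: check the device by hand
        elif version >= fixed:
            status = "patched"
        else:
            status = "vulnerable"
        results[row["host"]] = status
    return results

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,product,firmware
scan-01,Lector8xx,2.3.9
scan-02,Lector8xx,V2.4.0
cam-01,InspectorP8xx,3.11.0
cam-02,InspectorP8xx,3.11.1
cam-03,InspectorP8xx,3.9
cam-04,InspectorP8xx,unknown-build
plc-01,OtherDevice,1.0.0
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Devices reported as unknown should be treated as vulnerable until their firmware version is confirmed.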

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.