Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for MCU ETH-Service and Modbus-TCP Module by Endress+Hauser
CVE-2024-8751 (GCVE-0-2024-8751)
Vulnerability from nvd – Published: 2024-09-12 21:38 – Updated: 2026-07-16 09:48
VLAI
EPSS
VEX
Title
CVE-2024-8751
Summary
A vulnerability allows a remote unauthenticated attacker to modify the prod
uct’s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Website |
| https://cdn.sick.com/media/docs/1/11/411/Special_… | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2024/… | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2026/… | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2024/… | x_The canonical URL |
| https://www.sick.com/.well-known/csaf/white/2026/… | x_The canonical URL |
| https://www.endress.com | x_Endress+Hauser |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Endress+Hauser | MSC800 |
Affected:
V1.0 , ≤ <=V4.25
(custom)
Affected: S1.0 , ≤ <=S2.93.19 (custom) |
|
| Endress+Hauser | MARSIC200 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MARSIC280 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MARSIC300 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS100FT |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS200HW |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS300P |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MERCEM300Z |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | SAM800 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | SIPROCESS |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GMS800 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GMS800 FIDOR |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GM32 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | VICOTEC320 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCU ETH-Service and Modbus-TCP Module |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | FLPS |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MES1B B&B Converter |
Affected:
all versions
(custom)
|
|
| sick | msc800_firmware |
Affected:
1.0 , ≤ 4.25
(custom)
Affected: 1.0 , ≤ s2.93.19 (custom) cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:* |
Date Public
2024-09-12 21:33
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msc800_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "4.25",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "s2.93.19",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T13:53:13.856056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T14:02:19.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MSC800",
"vendor": "Endress+Hauser",
"versions": [
{
"lessThanOrEqual": "\u003c=V4.25",
"status": "affected",
"version": "V1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c=S2.93.19",
"status": "affected",
"version": "S1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC200",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC280",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC300",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS100FT",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS200HW",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS300P",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MERCEM300Z",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SAM800",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SIPROCESS",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GMS800",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GMS800 FIDOR",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GM32",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "VICOTEC320",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCU ETH-Service and Modbus-TCP Module",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "FLPS",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MES1B B\u0026B Converter",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-09-12T21:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability allows a remote unauthenticated attacker to modify the prod\nuct\u2019s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "A vulnerability allows a remote unauthenticated attacker to modify the prod\nuct\u2019s IP address over the Sopas ET interface. This can lead to a Denial of Service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-16T09:48:36.996Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_SICK PSIRT Website"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_SICK Operating Guidelines"
],
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0002.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0009.pdf"
},
{
"tags": [
"x_The canonical URL"
],
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0002.json"
},
{
"tags": [
"x_The canonical URL"
],
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0009.json"
},
{
"tags": [
"x_Endress+Hauser"
],
"url": "https://www.endress.com"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u0026lt;=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26\n\n\u003cbr\u003e"
}
],
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u003c=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u0026lt;=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20.\n\n\u003cbr\u003e"
}
],
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u003c=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20."
}
],
"source": {
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-09-12T21:36:00.000Z",
"value": "1: Initial version"
},
{
"lang": "en",
"time": "2026-07-16T10:00:00.000Z",
"value": "2: Added more products"
}
],
"title": "CVE-2024-8751",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor Endress+Hauser\u0026nbsp;MARSIC200, MARSIC280, MARSIC300, MCS100FT, MCS200HW, MCS300P, MERCEM300Z, SAM800, SIPROCESS, GMS800, GMS800 FIDOR, GM32, VICOTEC320, MCU ETH-Service and Modbus-TCP Module, FLPS, MES1B B\u0026amp;B Converter:\u0026nbsp; Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.\u003c/p\u003e"
}
],
"value": "For Endress+Hauser\u00a0MARSIC200, MARSIC280, MARSIC300, MCS100FT, MCS200HW, MCS300P, MERCEM300Z, SAM800, SIPROCESS, GMS800, GMS800 FIDOR, GM32, VICOTEC320, MCU ETH-Service and Modbus-TCP Module, FLPS, MES1B B\u0026B Converter:\u00a0 Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2024-8751",
"datePublished": "2024-09-12T21:38:37.516Z",
"dateReserved": "2024-09-12T13:17:03.176Z",
"dateUpdated": "2026-07-16T09:48:36.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8751 (GCVE-0-2024-8751)
Vulnerability from cvelistv5 – Published: 2024-09-12 21:38 – Updated: 2026-07-16 09:48
VLAI
EPSS
VEX
Title
CVE-2024-8751
Summary
A vulnerability allows a remote unauthenticated attacker to modify the prod
uct’s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Website |
| https://cdn.sick.com/media/docs/1/11/411/Special_… | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2024/… | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2026/… | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2024/… | x_The canonical URL |
| https://www.sick.com/.well-known/csaf/white/2026/… | x_The canonical URL |
| https://www.endress.com | x_Endress+Hauser |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Endress+Hauser | MSC800 |
Affected:
V1.0 , ≤ <=V4.25
(custom)
Affected: S1.0 , ≤ <=S2.93.19 (custom) |
|
| Endress+Hauser | MARSIC200 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MARSIC280 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MARSIC300 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS100FT |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS200HW |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCS300P |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MERCEM300Z |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | SAM800 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | SIPROCESS |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GMS800 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GMS800 FIDOR |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | GM32 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | VICOTEC320 |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MCU ETH-Service and Modbus-TCP Module |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | FLPS |
Affected:
all versions
(custom)
|
|
| Endress+Hauser | MES1B B&B Converter |
Affected:
all versions
(custom)
|
|
| sick | msc800_firmware |
Affected:
1.0 , ≤ 4.25
(custom)
Affected: 1.0 , ≤ s2.93.19 (custom) cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:* |
Date Public
2024-09-12 21:33
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "msc800_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "4.25",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "s2.93.19",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T13:53:13.856056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T14:02:19.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MSC800",
"vendor": "Endress+Hauser",
"versions": [
{
"lessThanOrEqual": "\u003c=V4.25",
"status": "affected",
"version": "V1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c=S2.93.19",
"status": "affected",
"version": "S1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC200",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC280",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MARSIC300",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS100FT",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS200HW",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCS300P",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MERCEM300Z",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SAM800",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "SIPROCESS",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GMS800",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GMS800 FIDOR",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "GM32",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "VICOTEC320",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MCU ETH-Service and Modbus-TCP Module",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "FLPS",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "MES1B B\u0026B Converter",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "affected",
"version": "all versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-09-12T21:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability allows a remote unauthenticated attacker to modify the prod\nuct\u2019s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "A vulnerability allows a remote unauthenticated attacker to modify the prod\nuct\u2019s IP address over the Sopas ET interface. This can lead to a Denial of Service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-16T09:48:36.996Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_SICK PSIRT Website"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_SICK Operating Guidelines"
],
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0002.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0009.pdf"
},
{
"tags": [
"x_The canonical URL"
],
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0002.json"
},
{
"tags": [
"x_The canonical URL"
],
"url": "https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0009.json"
},
{
"tags": [
"x_Endress+Hauser"
],
"url": "https://www.endress.com"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u0026lt;=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26\n\n\u003cbr\u003e"
}
],
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u003c=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u0026lt;=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20.\n\n\u003cbr\u003e"
}
],
"value": "For Endress+Hauser MSC800FT: Customers who use the version \u003c=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20."
}
],
"source": {
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-09-12T21:36:00.000Z",
"value": "1: Initial version"
},
{
"lang": "en",
"time": "2026-07-16T10:00:00.000Z",
"value": "2: Added more products"
}
],
"title": "CVE-2024-8751",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor Endress+Hauser\u0026nbsp;MARSIC200, MARSIC280, MARSIC300, MCS100FT, MCS200HW, MCS300P, MERCEM300Z, SAM800, SIPROCESS, GMS800, GMS800 FIDOR, GM32, VICOTEC320, MCU ETH-Service and Modbus-TCP Module, FLPS, MES1B B\u0026amp;B Converter:\u0026nbsp; Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.\u003c/p\u003e"
}
],
"value": "For Endress+Hauser\u00a0MARSIC200, MARSIC280, MARSIC300, MCS100FT, MCS200HW, MCS300P, MERCEM300Z, SAM800, SIPROCESS, GMS800, GMS800 FIDOR, GM32, VICOTEC320, MCU ETH-Service and Modbus-TCP Module, FLPS, MES1B B\u0026B Converter:\u00a0 Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2024-8751",
"datePublished": "2024-09-12T21:38:37.516Z",
"dateReserved": "2024-09-12T13:17:03.176Z",
"dateUpdated": "2026-07-16T09:48:36.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}