CVE-2024-11022 – SICK InspectorP61x and SICK InspectorP62x are vulnerable for a replay attack

https://notcve.org/view.php?id=CVE-2024-11022

06 Dec 2024 — The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for login and is therefore vulnerable for a replay attack. The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for login and is therefore vulnerable for a replay attack. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF • CWE-323: Reusing a Nonce, Key Pair in Encryption •