High severity8.2NVD Advisory· Published Dec 6, 2024· Updated Apr 15, 2026

CVE-2024-10776

Description

Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or load apps that use all features of the product available to a customer.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDFnvd
sick.com/psirtnvd
www.cisa.gov/resources-tools/resources/ics-recommended-practicesnvd
www.first.org/cvss/calculator/3.1nvd
www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.jsonnvd
www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.533
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000