Vulnerabilites related to sick - fx0-gpnt00000_firmware
cve-2023-5246
Vulnerability from cvelistv5
Published
2023-10-23 12:22
Modified
2024-09-11 16:17
Severity ?
EPSS score ?
Summary
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sick.com/psirt | issue-tracking | |
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf | vendor-advisory | |
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json | x_csaf |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SICK AG | FX0-GMOD00000 |
Version: vers:all/* |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
},
{
"tags": [
"x_csaf",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gmod00000_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gmod00010_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gmod00030_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gpnt00000_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gpnt00010_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gpnt00030_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-getc00000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-getc00000",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-getc00010:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-getc00010",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx3-gepr00000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx3-gepr00000",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx3-gepr00010:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx3-gepr00010",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gent00000_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gent00010_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx0-gent00030_firmware",
"vendor": "sick",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T15:28:47.832868Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:17:17.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "FX0-GMOD00000",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00010",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00030",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00000",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00010",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00030",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00000",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00010",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00000",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00010",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00000",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00010",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00030",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."
}
],
"value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass by Capture-replay",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T09:19:02.867Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
},
{
"tags": [
"x_csaf"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
}
],
"source": {
"discovery": "INTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
}
],
"value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-5246",
"datePublished": "2023-10-23T12:22:19.895Z",
"dateReserved": "2023-09-28T06:29:07.044Z",
"dateUpdated": "2024-09-11T16:17:17.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23451
Vulnerability from cvelistv5
Published
2023-04-19 00:00
Modified
2025-02-05 15:24
Severity ?
EPSS score ?
Summary
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sick.com/psirt |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| N/A | SICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4 |
Version: <=2311xxxx Version: <=V2.11.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sick.com/psirt"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T15:22:34.735214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:24:56.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4",
"vendor": "N/A",
"versions": [
{
"status": "affected",
"version": "\u003c=2311xxxx"
},
{
"status": "affected",
"version": "\u003c=V2.11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-477",
"description": "CWE-477",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-14T16:42:41.838Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"url": "https://sick.com/psirt"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-23451",
"datePublished": "2023-04-19T00:00:00.000Z",
"dateReserved": "2023-01-12T00:00:00.000Z",
"dateUpdated": "2025-02-05T15:24:56.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-14753
Vulnerability from cvelistv5
Published
2019-09-24 16:44
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:38.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-24T16:51:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories",
"refsource": "MISC",
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"name": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE",
"refsource": "CONFIRM",
"url": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14753",
"datePublished": "2019-09-24T16:44:43",
"dateReserved": "2019-08-07T00:00:00",
"dateUpdated": "2024-08-05T00:26:38.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23452
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2024-08-02 10:28
Severity ?
EPSS score ?
Summary
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sick.com/psirt |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | FX0-GPNT v3 Firmware |
Version: Version V3.04 and V3.05 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sick.com/psirt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FX0-GPNT v3 Firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version V3.04 and V3.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-20T00:00:00",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"url": "https://sick.com/psirt"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-23452",
"datePublished": "2023-02-20T00:00:00",
"dateReserved": "2023-01-12T00:00:00",
"dateUpdated": "2024-08-02T10:28:40.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23444
Vulnerability from cvelistv5
Published
2023-05-12 12:39
Modified
2025-01-24 16:16
Severity ?
EPSS score ?
Summary
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sick.com/psirt | issue-tracking | |
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf | vendor-advisory | |
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json | x_csaf |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:41.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
},
{
"tags": [
"x_csaf",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T16:15:46.625483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T16:16:26.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "UE410-EN3 FLEXI ETHERNET GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "UE410-EN1 FLEXI ETHERNET GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "UE410-EN4 FLEXI ETHERNET GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00000 FLEXISOFT EIP GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00000 FLEXISOFT MOD GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00000 FLEXISOFT PNET GATEW.",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00010 FLEXISOFT MOD GW (C)",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00000 FLEXISOFT EFI-PRO GW",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00010 FLEXISOFT EFI-PRO GW",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00000 FLEXISOFT ETC GW",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00040 FLEXISOFT ETC GW",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00010 FLEXISOFT ETC GW (C)",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00010 FLEXISOFT EIP GW (C)",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00010 FLEXISOFT PNET GW (C)",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "UE410-EN3 FLEXI ETHERNET GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "UE410-EN1 FLEXI ETHERNET GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "UE410-EN4 FLEXI ETHERNET GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GMOD00010 FLEXISOFT MOD GW (C) Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00000 FLEXISOFT EFI-PRO GW Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX3-GEPR00010 FLEXISOFT EFI-PRO GW Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00000 FLEXISOFT ETC GW Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00040 FLEXISOFT ETC GW Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GETC00010 FLEXISOFT ETC GW (C) Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GENT00010 FLEXISOFT EIP GW (C) Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
},
{
"defaultStatus": "affected",
"product": "FX0-GPNT00010 FLEXISOFT PNET GW (C) Firmware",
"vendor": "SICK AG",
"versions": [
{
"status": "affected",
"version": "all firmware versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets."
}
],
"value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authentication for Critical Function",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T12:49:35.619Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
},
{
"tags": [
"x_csaf"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
}
],
"source": {
"discovery": "INTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk."
}
],
"value": "Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-23444",
"datePublished": "2023-05-12T12:39:26.532Z",
"dateReserved": "2023-01-12T04:07:53.938Z",
"dateUpdated": "2025-01-24T16:16:26.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-02-20 23:15
Modified
2024-11-21 07:46
Severity ?
Summary
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@sick.de | https://sick.com/psirt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/psirt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | fx0-gpnt00000_firmware | 3.04 | |
| sick | fx0-gpnt00000_firmware | 3.05 | |
| sick | fx0-gpnt00000 | - | |
| sick | fx0-gpnt00010_firmware | 3.04 | |
| sick | fx0-gpnt00010_firmware | 3.05 | |
| sick | fx0-gpnt00010 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:3.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5D70D0-8AB7-4718-946F-8899FEF6DD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:3.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FC5162-066F-4FC0-875A-2BCD70B82842",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:3.04:*:*:*:*:*:*:*",
"matchCriteriaId": "718BD86C-0389-421F-BDA7-5A7635EEAD36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:3.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3211E28A-7225-4E4C-9D43-77C8AF0D1781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B6F37A-78EE-4D1F-ACAE-FDE864F847B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000."
}
],
"id": "CVE-2023-23452",
"lastModified": "2024-11-21T07:46:13.673",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-20T23:15:12.447",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-23 13:15
Modified
2024-11-21 08:41
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@sick.de | https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json | Vendor Advisory | |
| psirt@sick.de | https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf | Mitigation, Vendor Advisory | |
| psirt@sick.de | https://sick.com/psirt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/psirt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | fx0-gent00000_firmware | - | |
| sick | fx0-gent00000 | - | |
| sick | fx0-gent00010_firmware | - | |
| sick | fx0-gent00010 | - | |
| sick | fx0-gent00030_firmware | - | |
| sick | fx0-gent00030 | - | |
| sick | fx0-get00000_firmware | - | |
| sick | fx0-get00000 | - | |
| sick | fx0-get00010_firmware | - | |
| sick | fx0-get00010 | - | |
| sick | fx0-gmod00000_firmware | - | |
| sick | fx0-gmod00000 | - | |
| sick | fx0-gmod00010_firmware | - | |
| sick | fx0-gmod00010 | - | |
| sick | fx0-gmod00030_firmware | - | |
| sick | fx0-gmod00030 | - | |
| sick | fx0-gpnt00000_firmware | - | |
| sick | fx0-gpnt00000 | - | |
| sick | fx0-gpnt00010_firmware | - | |
| sick | fx0-gpnt00010 | - | |
| sick | fx0-gpnt00030_firmware | - | |
| sick | fx0-gpnt00030 | - | |
| sick | fx0-gepr00000_firmware | - | |
| sick | fx0-gepr00000 | - | |
| sick | fx0-gepr00010_firmware | - | |
| sick | fx0-gepr00010 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8B658A-49DD-4F7C-9A20-191C8F6F3D8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61689FA0-FB90-4E9F-B500-AADCF8D827BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAC00EB-BB15-4A65-A58D-B3015F7CFF85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896EDB87-DB8E-4D82-83EB-65403F23FEB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-get00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04537E8-8C53-4CB7-BEB8-C2CDB15FEC3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-get00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A0E589-9A9F-4ABF-A1D0-53DE376D6E07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-get00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBC09BA-A57C-4CAA-B6B7-6FC7922E3862",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-get00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E01C2381-4CC3-49C7-A4FE-9A37754C2AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E87CA0E-7749-4F1E-B30B-78183ACF3170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "925AD219-B3D3-42B6-99E6-E97298AE0A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "949735C8-09BE-453C-B83A-8BF80BD370B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F18250E-A899-4210-A0D3-087438EFCEA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30BF991A-B66F-48B3-8902-D50C3B38A30D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00770E9A-64BC-4440-A921-49ECD5C5986D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B6F37A-78EE-4D1F-ACAE-FDE864F847B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9447F86A-5967-4C97-AF69-369EF2BD2052",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gepr00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EEEB3-7310-4382-9C30-B1F6CBC69582",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gepr00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41E76E7E-9840-4E37-A554-D0DE70E178E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gepr00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF0E16-E0E7-4B5D-ABE3-02E27B4F9AC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gepr00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D5EB09-6970-4CD7-BE09-D563E73B55F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."
},
{
"lang": "es",
"value": "Omisi\u00f3n de autenticaci\u00f3n mediante Capture-replay en SICK Flexi Soft Gateways con n\u00fameros de pieza 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 permite que un atacante remoto no autenticado afecte potencialmente la disponibilidad y la integridad y confidencialidad de las puertas de enlace mediante una omisi\u00f3n de autenticaci\u00f3n mediante capture-replay."
}
],
"id": "CVE-2023-5246",
"lastModified": "2024-11-21T08:41:22.023",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-23T13:15:09.087",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
},
{
"source": "psirt@sick.de",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
},
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-19 23:15
Modified
2025-02-05 16:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@sick.de | https://sick.com/psirt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/psirt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | ue410-en3_firmware | * | |
| sick | ue410-en3 | - | |
| sick | ue410-en1_firmware | * | |
| sick | ue410-en1 | - | |
| sick | ue410-en3s04_firmware | * | |
| sick | ue410-en3s04 | - | |
| sick | ue410-en4_firmware | * | |
| sick | ue410-en4 | - | |
| sick | fx0-gent00000_firmware | * | |
| sick | fx0-gent00000 | - | |
| sick | fx0-gmod00000_firmware | * | |
| sick | fx0-gmod00000 | - | |
| sick | fx0-gpnt00000_firmware | * | |
| sick | fx0-gpnt00000 | - | |
| sick | fx0-gent00030_firmware | * | |
| sick | fx0-gent00030 | - | |
| sick | fx0-gpnt00030_firmware | * | |
| sick | fx0-gpnt00030 | - | |
| sick | fx0-gmod00010_firmware | * | |
| sick | fx0-gmod00010 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA9F3C9-61F5-4C21-9650-76C0FC9C51EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF96D6FC-3053-433E-8B7D-CEA3C7FC7CBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB62B37C-E8E4-4305-8F6A-127765CC54AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06416A50-B978-4F67-AA50-010ECBD2DB2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30951A8A-8B78-4F58-8E8B-5697F89B332A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87586615-29B4-46E4-9CE7-F7BB8F012155",
"versionEndIncluding": "2.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "042B4FDB-BC05-43D6-84FC-F65203CDBE0D",
"versionEndIncluding": "2.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61F9ADB1-DBED-4AC6-9CED-C0CCAC7C31F7",
"versionEndIncluding": "2.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F133BB19-8D61-4BD7-B706-A3FD81E71ECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96A20EA8-57F4-4CDD-8F44-F02E2FC010AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D09286BA-A20C-44DA-BE0C-98EF4851BA73",
"versionEndIncluding": "2.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration."
},
{
"lang": "es",
"value": "El Flexi Classic y Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN1 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN4 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de firmware, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con Firmware \u0026lt;=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con Firmware \u0026lt;=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con firmware \u0026lt;=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de firmware, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 con n\u00famero de serie \u0026lt;=2311xxxx todo el firmware Las versiones y SICK FX0-GMOD00010 FLEXISOFT MOD GW con n\u00famero de serie \u0026lt;=2311xxxx con firmware \u0026lt;=V2.11.0 tienen Telnet habilitado de forma predeterminada. No se establece ninguna contrase\u00f1a en la configuraci\u00f3n predeterminada."
}
],
"id": "CVE-2023-23451",
"lastModified": "2025-02-05T16:15:35.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-19T23:15:06.970",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-477"
}
],
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-24 17:15
Modified
2024-11-21 04:27
Severity ?
Summary
SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories | Vendor Advisory | |
| cve@mitre.org | https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | fx0-gpnt00000_firmware | * | |
| sick | fx0-gpnt00000 | - | |
| sick | fx0-gent00000_firmware | * | |
| sick | fx0-gent00000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06B3A0E-0F98-4A8E-A7DF-E4226F4E1A06",
"versionEndIncluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0A085A-02AD-4BED-A16A-336532CAC65C",
"versionEndIncluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow"
},
{
"lang": "es",
"value": "Los dispositivos SICK FX0-GPNT00000 y FX0-GENT00000 hasta la versi\u00f3n 3.4.0 tienen un Desbordamiento de B\u00fafer."
}
],
"id": "CVE-2019-14753",
"lastModified": "2024-11-21T04:27:16.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-24T17:15:13.880",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-12 13:15
Modified
2025-01-24 17:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@sick.de | https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json | Vendor Advisory | |
| psirt@sick.de | https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf | Vendor Advisory | |
| psirt@sick.de | https://sick.com/psirt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/psirt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | ue410-en4_firmware | - | |
| sick | ue410-en4 | - | |
| sick | ue410-en3_firmware | - | |
| sick | ue410-en3 | - | |
| sick | ue410-en1_firmware | - | |
| sick | ue410-en1 | - | |
| sick | fx0-gpnt00030_firmware | - | |
| sick | fx0-gpnt00030 | - | |
| sick | fx0-gpnt00010_firmware | - | |
| sick | fx0-gpnt00010 | - | |
| sick | fx0-gpnt00000_firmware | - | |
| sick | fx0-gpnt00000 | - | |
| sick | fx0-gmod00010_firmware | - | |
| sick | fx0-gmod00010 | - | |
| sick | fx0-gmod00000_firmware | - | |
| sick | fx0-gmod00000 | - | |
| sick | fx0-gent00030_firmware | - | |
| sick | fx0-gent00030 | - | |
| sick | fx0-gent00010_firmware | - | |
| sick | fx0-gent00010 | - | |
| sick | fx0-gent00000_firmware | - | |
| sick | fx0-gent00000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3BEC1A-8FFB-47E6-A874-783A02593844",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC9ADCE-3CEE-4FFD-894A-B8F9073C58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "598DD1E1-DF04-4C3D-9628-B57C653F4FAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9447F86A-5967-4C97-AF69-369EF2BD2052",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00770E9A-64BC-4440-A921-49ECD5C5986D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B6F37A-78EE-4D1F-ACAE-FDE864F847B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30BF991A-B66F-48B3-8902-D50C3B38A30D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "925AD219-B3D3-42B6-99E6-E97298AE0A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E87CA0E-7749-4F1E-B30B-78183ACF3170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896EDB87-DB8E-4D82-83EB-65403F23FEB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61689FA0-FB90-4E9F-B500-AADCF8D827BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAC00EB-BB15-4A65-A58D-B3015F7CFF85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8B658A-49DD-4F7C-9A20-191C8F6F3D8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets."
}
],
"id": "CVE-2023-23444",
"lastModified": "2025-01-24T17:15:10.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-12T13:15:09.350",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
},
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
},
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}