Vulnerabilites related to sick - msc800_firmware
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:55
Severity ?
Summary
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@sick.de | https://sick.com/psirt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sick.com/psirt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | msc800_firmware | * | |
| sick | msc800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C26E15-D151-4466-9E3D-F3CFAB3D91ED",
"versionEndExcluding": "4.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:msc800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09CB55-1368-4623-8EB5-BAB2D57E4BC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el MSC800 en todas las versiones anteriores a 4.15 permite a un atacante predecir el n\u00famero de secuencia inicial TCP. Cuando la secuencia TCP es predecible, un atacante puede enviar paquetes falsificados para que parezcan proceder de un ordenador confiable. Estos paquetes falsificados podr\u00edan comprometer los servicios del MSC800. SICK ha publicado una nueva versi\u00f3n de firmware del SICK MSC800 y recomienda actualizar a la versi\u00f3n m\u00e1s reciente"
}
],
"id": "CVE-2022-27577",
"lastModified": "2024-11-21T06:55:58.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:22.027",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-342"
}
],
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-31 18:15
Modified
2024-11-21 05:24
Severity ?
Summary
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms111_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E9439B-2153-4D66-8C8B-D7DED32BD81B",
"versionEndExcluding": "1.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67011E35-C9AB-40C5-8DCC-29FA82A5F880",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33CCFE2A-61B1-4565-8504-F26A0412A0CD",
"versionEndExcluding": "2.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE387A-9B29-43DE-A4F1-EDD3CB8BEB6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97320450-2AEC-4E4A-9399-E2115AC4315A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58D587-1663-4E99-85DA-80DCBF0486F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv622_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9D5448-F17A-4042-A8F8-EE261F3C3E9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv622:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8559D0CC-2CBE-4E4B-9FF9-43AECFFD27C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv621_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D07761A7-0CFE-4F43-9ADC-FCC28FA5ECFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv621:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5189BEF6-17B2-4F77-B8E3-85B00D977CBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:icr890-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9C80C4-52DA-40E2-8C38-8014F616D1AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:icr890-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A05BC1-4E78-494B-B6E2-5F1E721CC50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E01267B-42D2-4F29-BFEF-6AD37D48582A",
"versionEndExcluding": "4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:msc800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09CB55-1368-4623-8EB5-BAB2D57E4BC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:rfh_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7074A993-231B-45B9-ACC8-14594D420F16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:rfh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "983F3C0E-7C67-47EA-BD54-8F3B7BF5493A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A30918-7CA4-4C05-896B-20426A30D86F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3FB3E2F-1637-4861-AF22-D4BF59A7906D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv651_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BBD455-DA1C-4E86-BC99-143B22D4448F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv651:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2313BBE6-6679-4073-9FC0-51FBE9F0A8B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv631_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9ED42-6E5A-4456-B099-D08EB6ABB0DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0893F42F-EAB9-4D3D-9F94-4892C6890BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD27B2-E055-4C52-A817-577384497F87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC25E7-8C55-470A-B451-591A03CA2A40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv632_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEE9E96-1DA5-4EBD-8847-EAE418215C11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B0632E-A55F-4EA8-A132-0D11CE38FDC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv640_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B22CDFFC-AF15-4883-95F4-CE4D191EC482",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C721EE7D-D046-4AEF-80FA-217B5684419E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:clv642_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E632CA7-141B-495B-8A57-BC06867842AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:clv642:-:*:*:*:*:*:*:*",
"matchCriteriaId": "651F0D5C-F7DA-41A6-B3C3-B48C0662C855",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "118835C2-4939-4601-935A-032028D58E84",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7D324-DBC8-4EBC-8AA2-E42C33E5758C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms101_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF828DD0-095A-4784-8D1A-87F3CF361297",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B5ED872-0E79-4901-96D9-27CBA55DAEA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms111_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D69045C1-7EF8-4F8E-8940-1171DB40F9D9",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67011E35-C9AB-40C5-8DCC-29FA82A5F880",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms153_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63031071-D70A-440F-8735-801AEEC0CC0D",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms153:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54A544C0-9ABD-46AD-B193-87C6EF7FF133",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A61E7FD6-BB7F-4FEB-A82F-6493B993C7D5",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D01238F-0776-493A-AD81-D0E14D2A4C71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2054C96-9A9C-4FC8-8E8C-7D315BA73234",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B48111FA-BB11-4FF9-9CE0-42459229A60C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms142_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83F4309-6C29-48F6-A276-95E5BC8330FA",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms142:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43602F20-5065-4965-BFC9-BFA581ED5ECC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms143_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55215A7C-B7D8-4D94-84FA-26939D9FAD1F",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms143:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F0ED4E-1AB0-4EAB-8D3F-E318DE3D51F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms131_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9543231B-6C33-4C66-95D0-1D2B49063F11",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms131:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9378A66C-EF01-4DFA-9E8C-4231FE0E8914",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms121_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8143104-4230-42EE-BA3C-73C10CA48667",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B7CE13-0E33-439B-866B-C0CD365919C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms123_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3E89AC-85E2-4279-87AC-31D89381F263",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms123:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB011CA-769D-4335-A57A-62B77AD9E0FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms122_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA825F2-A103-429B-BD61-08634033BA12",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms122:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C689D72-3D25-4C3F-BBF5-15691D18F9BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms141_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB1AB8D-8116-46C1-8125-10DED10DE830",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms141:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24237BC0-BE8D-4EF8-A3C4-BEE1A8373481",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F113FA6F-F3CC-43C7-97A4-D40F8F1F5E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE387A-9B29-43DE-A4F1-EDD3CB8BEB6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms531_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5943B624-D730-4679-8118-CD29CFB4CD1C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44AF5B79-0A15-4195-80F3-7304D8000D1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:lms500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF24DAB-D1E4-4B14-B9CE-BFB52F9BDBC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:lms500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A37D4F-969C-4496-BD10-13C903A41305",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:icr890-3.5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D253F05-FCF4-4E90-BC55-CC838C2297F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:icr890-3.5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8A72B7-8433-4EC6-8384-89A52E519A58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x \u2013 CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH."
},
{
"lang": "es",
"value": "El mecanismo de plataforma AutoIP permite a atacantes remotos reiniciar el dispositivo por medio de un paquete dise\u00f1ado en las soluciones de SICK AG Bulkscan LMS111, Bulkscan LMS511, CLV62x - CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, RFH"
}
],
"id": "CVE-2020-2075",
"lastModified": "2024-11-21T05:24:33.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-31T18:15:13.170",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-01 21:15
Modified
2024-11-21 04:20
Severity ?
Summary
SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/108924 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories | ||
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-178-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108924 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-178-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | msc800_firmware | * | |
| sick | msc800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD24C0-833F-4134-930D-A196C1891098",
"versionEndExcluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:msc800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09CB55-1368-4623-8EB5-BAB2D57E4BC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password."
},
{
"lang": "es",
"value": "SICK MSC800 en todas las versiones anteriores a la versi\u00f3n 4.0, las versiones de firmware afectadas contienen una contrase\u00f1a de cuenta de cliente codificada."
}
],
"id": "CVE-2019-10979",
"lastModified": "2024-11-21T04:20:17.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-01T21:15:10.920",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108924"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-27577
Vulnerability from cvelistv5
Published
2022-04-11 19:37
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sick.com/psirt | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SICK MSC800 |
Version: All versions before 4.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sick.com/psirt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SICK MSC800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions before 4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-342",
"description": "CWE-342",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:37:47",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sick.com/psirt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@sick.de",
"ID": "CVE-2022-27577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SICK MSC800",
"version": {
"version_data": [
{
"version_value": "All versions before 4.15"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-342"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sick.com/psirt",
"refsource": "MISC",
"url": "https://sick.com/psirt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2022-27577",
"datePublished": "2022-04-11T19:37:47",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-08-03T05:32:59.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10979
Vulnerability from cvelistv5
Published
2019-07-01 20:05
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/108924 | vdb-entry, x_refsource_BID | |
| https://www.us-cert.gov/ics/advisories/icsa-19-178-04 | x_refsource_MISC | |
| https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "108924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MSC800",
"vendor": "SICK",
"versions": [
{
"status": "affected",
"version": "all versions prior to Version 4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "USE OF HARD-CODED CREDENTIALS CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-01T12:53:22",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "108924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-10979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MSC800",
"version": {
"version_data": [
{
"version_value": "all versions prior to Version 4.0"
}
]
}
}
]
},
"vendor_name": "SICK"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "108924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108924"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04"
},
{
"name": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories",
"refsource": "CONFIRM",
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-10979",
"datePublished": "2019-07-01T20:05:10",
"dateReserved": "2019-04-08T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2075
Vulnerability from cvelistv5
Published
2020-08-31 17:09
Modified
2024-08-04 06:54
Severity ?
EPSS score ?
Summary
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Bulkscan LMS111; Bulkscan LMS511; CLV62x – CLV65x; ICR890-3; LMS10x, LMS11x, LMS15x; LMS12x, LMS13x, LMS14x; LMS5xx, LMS53x; MSC800; RFH |
Version: All Versions < V1.04 Version: All Versions < V2.30 Version: All versions with Ethernet interface Version: All ICR890-3 and ICR890-3.5 devices all versions Version: All Versions < V2.0 Version: All Versions < V2.10 Version: All versions Version: All Versions < V4.10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bulkscan LMS111; Bulkscan LMS511; CLV62x \u2013 CLV65x; ICR890-3; LMS10x, LMS11x, LMS15x; LMS12x, LMS13x, LMS14x; LMS5xx, LMS53x; MSC800; RFH",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V1.04"
},
{
"status": "affected",
"version": "All Versions \u003c V2.30"
},
{
"status": "affected",
"version": "All versions with Ethernet interface"
},
{
"status": "affected",
"version": "All ICR890-3 and ICR890-3.5 devices all versions"
},
{
"status": "affected",
"version": "All Versions \u003c V2.0"
},
{
"status": "affected",
"version": "All Versions \u003c V2.10"
},
{
"status": "affected",
"version": "All versions"
},
{
"status": "affected",
"version": "All Versions \u003c V4.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x \u2013 CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T17:09:07",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@sick.de",
"ID": "CVE-2020-2075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bulkscan LMS111; Bulkscan LMS511; CLV62x \u2013 CLV65x; ICR890-3; LMS10x, LMS11x, LMS15x; LMS12x, LMS13x, LMS14x; LMS5xx, LMS53x; MSC800; RFH",
"version": {
"version_data": [
{
"version_value": "All Versions \u003c V1.04"
},
{
"version_value": "All Versions \u003c V2.30"
},
{
"version_value": "All versions with Ethernet interface"
},
{
"version_value": "All ICR890-3 and ICR890-3.5 devices all versions"
},
{
"version_value": "All Versions \u003c V2.0"
},
{
"version_value": "All Versions \u003c V2.10"
},
{
"version_value": "All versions"
},
{
"version_value": "All Versions \u003c V4.10"
},
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x \u2013 CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-703: Improper Check or Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories",
"refsource": "MISC",
"url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2020-2075",
"datePublished": "2020-08-31T17:09:07",
"dateReserved": "2019-12-04T00:00:00",
"dateUpdated": "2024-08-04T06:54:00.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}