CVE-2023-5246

EUVD-2023-57571
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SICK AGCNA
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
sickfx0-gent00000_firmware
-
sickfx0-gent00010_firmware
-
sickfx0-gent00030_firmware
-
sickfx0-get00000_firmware
-
sickfx0-get00010_firmware
-
sickfx0-gmod00000_firmware
-
sickfx0-gmod00010_firmware
-
sickfx0-gmod00030_firmware
-
sickfx0-gpnt00000_firmware
-
sickfx0-gpnt00010_firmware
-
sickfx0-gpnt00030_firmware
-
sickfx0-gepr00000_firmware
-
sickfx0-gepr00010_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf
https://sick.com/psirt
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf
https://sick.com/psirt