CVE-2023-5246

Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SICK AGCNA
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
sickfx0-gent00000_firmware
-
sickfx0-gent00010_firmware
-
sickfx0-gent00030_firmware
-
sickfx0-get00000_firmware
-
sickfx0-get00010_firmware
-
sickfx0-gmod00000_firmware
-
sickfx0-gmod00010_firmware
-
sickfx0-gmod00030_firmware
-
sickfx0-gpnt00000_firmware
-
sickfx0-gpnt00010_firmware
-
sickfx0-gpnt00030_firmware
-
sickfx0-gepr00000_firmware
-
sickfx0-gepr00010_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf
https://sick.com/psirt
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf
https://sick.com/psirt