CVE-2023-5288

A remote unauthorized attacker may connect to the SIM1012, interact with the device and
change configuration settings. The adversary may also reset the SIM and in the worst case upload a
new firmware version to the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SICK AGCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
sicksim1012-0p0g200_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf
https://sick.com/psirt
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf
https://sick.com/psirt