CVE-2023-5246

CVE-2023-5246

CVSS 8.8 HIGHEPSS 0.8%

Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Productos afectados

SICK AG · FX0-GENT00000 SICK AG · FX0-GENT00010 SICK AG · FX0-GENT00030 SICK AG · FX0-GETC00000 SICK AG · FX0-GETC00010 SICK AG · FX0-GMOD00000 SICK AG · FX0-GMOD00010 SICK AG · FX0-GMOD00030 SICK AG · FX0-GPNT00000 SICK AG · FX0-GPNT00010 SICK AG · FX0-GPNT00030 SICK AG · FX3-GEPR00000 SICK AG · FX3-GEPR00010

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://sick.com/psirt https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf