← voltar
CVE-2023-23444

CVE-2023-23444

CVSS 7.5 HIGHEPSS 1.2%CWE-306
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
SICK AG · FX0-GENT00000 FLEXISOFT EIP GATEW.SICK AG · FX0-GENT00000 FLEXISOFT EIP GATEW. FirmwareSICK AG · FX0-GENT00010 FLEXISOFT EIP GW (C)SICK AG · FX0-GENT00010 FLEXISOFT EIP GW (C) FirmwareSICK AG · FX0-GENT00030 FLEXISOFT EIP GATEW.V2SICK AG · FX0-GENT00030 FLEXISOFT EIP GATEW.V2 FirmwareSICK AG · FX0-GETC00000 FLEXISOFT ETC GWSICK AG · FX0-GETC00000 FLEXISOFT ETC GW FirmwareSICK AG · FX0-GETC00010 FLEXISOFT ETC GW (C)SICK AG · FX0-GETC00010 FLEXISOFT ETC GW (C) FirmwareSICK AG · FX0-GETC00040 FLEXISOFT ETC GWSICK AG · FX0-GETC00040 FLEXISOFT ETC GW FirmwareSICK AG · FX0-GMOD00000 FLEXISOFT MOD GATEW.SICK AG · FX0-GMOD00000 FLEXISOFT MOD GATEW. FirmwareSICK AG · FX0-GMOD00010 FLEXISOFT MOD GW (C)SICK AG · FX0-GMOD00010 FLEXISOFT MOD GW (C) FirmwareSICK AG · FX0-GPNT00000 FLEXISOFT PNET GATEW.SICK AG · FX0-GPNT00000 FLEXISOFT PNET GATEW. FirmwareSICK AG · FX0-GPNT00010 FLEXISOFT PNET GW (C)SICK AG · FX0-GPNT00010 FLEXISOFT PNET GW (C) FirmwareSICK AG · FX0-GPNT00030 FLEXISOFT PNET GATEW.V2SICK AG · FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 FirmwareSICK AG · FX3-GEPR00000 FLEXISOFT EFI-PRO GWSICK AG · FX3-GEPR00000 FLEXISOFT EFI-PRO GW FirmwareSICK AG · FX3-GEPR00010 FLEXISOFT EFI-PRO GWSICK AG · FX3-GEPR00010 FLEXISOFT EFI-PRO GW FirmwareSICK AG · UE410-EN1 FLEXI ETHERNET GATEW.SICK AG · UE410-EN1 FLEXI ETHERNET GATEW. FirmwareSICK AG · UE410-EN3 FLEXI ETHERNET GATEW.SICK AG · UE410-EN3 FLEXI ETHERNET GATEW. FirmwareSICK AG · UE410-EN4 FLEXI ETHERNET GATEW.SICK AG · UE410-EN4 FLEXI ETHERNET GATEW. Firmware

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sick.com/psirthttps://sick.com/.well-known/csaf/white/2023/sca-2023-0003.jsonhttps://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf