CVE-2023-5246

CVE-2023-5246

CVSS 8.8 HIGHEPSS 0.8%

Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

SICK AG · FX0-GENT00000 SICK AG · FX0-GENT00010 SICK AG · FX0-GENT00030 SICK AG · FX0-GETC00000 SICK AG · FX0-GETC00010 SICK AG · FX0-GMOD00000 SICK AG · FX0-GMOD00010 SICK AG · FX0-GMOD00030 SICK AG · FX0-GPNT00000 SICK AG · FX0-GPNT00010 SICK AG · FX0-GPNT00030 SICK AG · FX3-GEPR00000 SICK AG · FX3-GEPR00010

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://sick.com/psirt https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf