Vulnerabilidades em SICK AG
112 resultadosCVE-2023-3271HIGHImproper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and downlEPSS 0.7%CVE-2026-2330CRITICALCVE-2026-2330EPSS 0.7%CVE-2023-23445HIGHImproper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows aEPSS 0.7%CVE-2023-35697MEDIUMImproper Restriction of Excessive Authentication Attempts in the SICK ICR890-4
could allow a remote attacker to brute-force user credentialsEPSS 0.7%CVE-2023-5288CRITICAL
A remote unauthorized attacker may connect to the SIM1012, interact with the device and
change configuration settings. The adversary may alEPSS 0.6%CVE-2023-43697MEDIUM
Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an
unprivileged remote attacker to make the site unable to load EPSS 0.6%CVE-2023-43696HIGH
Improper Access Control in SICK APU allows an unprivileged remote attacker to
download as well as upload arbitrary files via anonymous acceEPSS 0.6%CVE-2023-43700HIGHMissing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authEPSS 0.6%CVE-2025-0867CRITICALPrivilege Escalation in MEAC300EPSS 0.6%CVE-2023-35698MEDIUMObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the rEPSS 0.6%CVE-2023-5102MEDIUM
Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionalitEPSS 0.6%CVE-2023-5101MEDIUM
Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an
unprivileged remote attacker to download various files EPSS 0.6%CVE-2024-10773CRITICALSICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for pass-the-hash attacksEPSS 0.6%CVE-2026-22908CRITICALUploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity EPSS 0.5%CVE-2025-32470HIGHUnauthenticated change of IP adressEPSS 0.5%CVE-2025-27595CRITICALWeak hashing alghrythmEPSS 0.5%CVE-2025-32472MEDIUMDoS attack by conducting a slowloris-type attackEPSS 0.5%CVE-2026-22909HIGHCertain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, EPSS 0.5%CVE-2026-22917MEDIUMImproper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.EPSS 0.5%CVE-2025-58582MEDIUMUncontrolled Resource Consumption via log fileEPSS 0.5%