CVE-2023-23444

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*

History

26 May 2023, 18:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.2
First Time Sick fx0-gent00000
Sick ue410-en3
Sick ue410-en1
Sick fx0-gmod00000
Sick ue410-en3 Firmware
Sick fx0-gent00010 Firmware
Sick
Sick fx0-gpnt00030
Sick ue410-en1 Firmware
Sick fx0-gpnt00030 Firmware
Sick fx0-gmod00010 Firmware
Sick fx0-gpnt00000
Sick fx0-gpnt00010 Firmware
Sick fx0-gmod00010
Sick fx0-gmod00000 Firmware
Sick fx0-gent00030
Sick fx0-gpnt00000 Firmware
Sick fx0-gent00030 Firmware
Sick ue410-en4
Sick fx0-gpnt00010
Sick fx0-gent00010
Sick fx0-gent00000 Firmware
Sick ue410-en4 Firmware
CPE cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*
CWE CWE-306
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf - Vendor Advisory
References (MISC) https://sick.com/psirt - (MISC) https://sick.com/psirt - Vendor Advisory
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json - Vendor Advisory

Information

Published : 2023-05-12 13:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-23444

Mitre link : CVE-2023-23444

CVE.ORG link : CVE-2023-23444


JSON object : View

Products Affected

sick

  • fx0-gmod00000_firmware
  • fx0-gent00030
  • fx0-gpnt00000
  • fx0-gpnt00010_firmware
  • ue410-en4_firmware
  • ue410-en4
  • fx0-gent00010
  • ue410-en3_firmware
  • fx0-gpnt00000_firmware
  • fx0-gpnt00030
  • fx0-gmod00000
  • fx0-gent00010_firmware
  • fx0-gpnt00010
  • fx0-gent00030_firmware
  • fx0-gent00000
  • fx0-gpnt00030_firmware
  • fx0-gmod00010_firmware
  • fx0-gent00000_firmware
  • fx0-gmod00010
  • ue410-en1
  • ue410-en3
  • ue410-en1_firmware
CWE
CWE-306

Missing Authentication for Critical Function