CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2023-5246
https://notcve.org/view.php?id=CVE-2023-5246
23 Oct 2023 — Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay. Omisión de autenticación mediante Capture-replay en SICK Flexi Soft Gateways con números de pieza 1044073, 1127717, 1130282, 1044074, 1... • https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json • CWE-287: Improper Authentication •
CVSS: 8.5EPSS: 0%CPEs: 22EXPL: 0CVE-2023-23444
https://notcve.org/view.php?id=CVE-2023-23444
12 May 2023 — Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets. • https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2023-23451
https://notcve.org/view.php?id=CVE-2023-23451
19 Apr 2023 — The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMO... • https://sick.com/psirt • CWE-306: Missing Authentication for Critical Function CWE-477: Use of Obsolete Function •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-23452
https://notcve.org/view.php?id=CVE-2023-23452
20 Feb 2023 — Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000. • https://sick.com/psirt • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-14753
https://notcve.org/view.php?id=CVE-2019-14753
24 Sep 2019 — SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow Los dispositivos SICK FX0-GPNT00000 y FX0-GENT00000 hasta la versión 3.4.0 tienen un Desbordamiento de Búfer. • https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •