CVE-2023-23444

CVSS V2 None CVSS V3 None

Description

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.

Overview

CVE ID
CVE-2023-23444

Assigner
psirt@sick.de

Vulnerability Status
Received

Published Version
2023-05-12T13:15:09

Last Modified Date
2023-05-12T13:15:09

References

Reference URL	Reference Tags
https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf
https://sick.com/psirt

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-23444
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23444

History

Created	Old Value	New Value	Data Type	Notes
2023-05-12 14:00:45				Added to TrackCVE