Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSick Fx0 Gent00000
HWSickwszystkie wersjeSick Fx0 Gent00000 Firmware
OSSick3.043.05Sick Fx0 Gent00010
HWSickwszystkie wersjeSick Fx0 Gent00010 Firmware
OSSick3.043.05
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Powiązane podatności
CVE-2023-23451CRITICAL9.8ten sam produkt
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx a...
CVE-2023-5246HIGH8.8ten sam produkt
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282...
CVE-2023-23444HIGH7.5ten sam produkt
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 10...
CVE-2019-14753HIGH7.5ten sam produkt
SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow
CVE-2026-22907CRITICAL9.9PL ✓ten sam vendor
Nieautoryzowany dostęp do systemu plików hosta w SICK TDC-X401GL