CRITICAL🇵🇱 Wersja polska

CVE-2023-23453

CVSS 9.8v3.1pub. 2023-02-20upd. 2025-03-18

Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sick Fx0 Gent00000

    HW
    Sick
    wszystkie wersje
  • Sick Fx0 Gent00000 Firmware

    OS
    Sick
    3.043.05
  • Sick Fx0 Gent00010

    HW
    Sick
    wszystkie wersje
  • Sick Fx0 Gent00010 Firmware

    OS
    Sick
    3.043.05
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-23451CRITICAL9.8ten sam produkt

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx a...

CVE-2023-5246HIGH8.8ten sam produkt

Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282...

CVE-2023-23444HIGH7.5ten sam produkt

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 10...

CVE-2019-14753HIGH7.5ten sam produkt

SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow

CVE-2026-22907CRITICAL9.9PL ✓ten sam vendor

Nieautoryzowany dostęp do systemu plików hosta w SICK TDC-X401GL