The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSick Lms500
HWSickwszystkie wersjeSick Lms500 Firmware
OSSickwszystkie wersjeSick Lms511
HWSickwszystkie wersjeSick Lms511 Firmware
OSSickwszystkie wersjeSick Lms531
HWSickwszystkie wersjeSick Lms531 Firmware
OSSickwszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2023-4420CRITICAL9.8ten sam produkt
A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence ...
CVE-2023-31412HIGH7.5ten sam produkt
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker mana...
CVE-2023-4418HIGH7.5ten sam produkt
A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a ...
CVE-2020-2075HIGH7.5ten sam produkt
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutio...
CVE-2026-22907CRITICAL9.9PL ✓ten sam vendor
Nieautoryzowany dostęp do systemu plików hosta w SICK TDC-X401GL