CVE-2023-23444
First published: Fri May 12 2023(Updated: )
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
Credit: psirt@sick.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sick Ue410-en4 Firmware | ||
| SICK UE410-EN4 | ||
| Sick Ue410-en3 Firmware | ||
| SICK UE410-EN3 | ||
| Sick Ue410-en1 Firmware | ||
| SICK UE410-EN1 | ||
| Sick Fx0-gpnt00030 Firmware | ||
| SICK FX0-GPNT00030 | ||
| Sick Fx0-gpnt00010 Firmware | ||
| Sick Fx0-gpnt00010 | ||
| Sick Fx0-gpnt00000 Firmware | ||
| SICK FX0-GPNT00000 | ||
| Sick Fx0-gmod00010 Firmware | ||
| SICK FX0-GMOD00010 | ||
| Sick Fx0-gmod00000 Firmware | ||
| SICK FX0-GMOD00000 | ||
| Sick Fx0-gent00030 Firmware | ||
| SICK FX0-GENT00030 | ||
| Sick Fx0-gent00010 Firmware | ||
| Sick Fx0-gent00010 | ||
| Sick Fx0-gent00000 Firmware | ||
| SICK FX0-GENT00000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-23444?
CVE-2023-23444 has a severity value of 8.2 (high).
Which software versions are affected by CVE-2023-23444?
SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 are affected by CVE-2023-23444.
How can an attacker exploit CVE-2023-23444?
An unauthenticated remote attacker can exploit CVE-2023-23444.
What is the Common Weakness Enumeration (CWE) for CVE-2023-23444?
The Common Weakness Enumeration (CWE) for CVE-2023-23444 is 306.
Where can I find more information about CVE-2023-23444?
More information about CVE-2023-23444 can be found on the SICK website at [insert link].
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/sick
- canonical/sick ue410-en4 firmware
- canonical/sick ue410-en4
- canonical/sick ue410-en3 firmware
- canonical/sick ue410-en3
- canonical/sick ue410-en1 firmware
- canonical/sick ue410-en1
- canonical/sick fx0-gpnt00030 firmware
- canonical/sick fx0-gpnt00030
- canonical/sick fx0-gpnt00010 firmware
- canonical/sick fx0-gpnt00010
- canonical/sick fx0-gpnt00000 firmware
- canonical/sick fx0-gpnt00000
- canonical/sick fx0-gmod00010 firmware
- canonical/sick fx0-gmod00010
- canonical/sick fx0-gmod00000 firmware
- canonical/sick fx0-gmod00000
- canonical/sick fx0-gent00030 firmware
- canonical/sick fx0-gent00030
- canonical/sick fx0-gent00010 firmware
- canonical/sick fx0-gent00010
- canonical/sick fx0-gent00000 firmware
- canonical/sick fx0-gent00000