First published: Mon Oct 09 2023(Updated: )
Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication.
Credit: psirt@sick.de psirt@sick.de
Affected Software | Affected Version | How to fix |
---|---|---|
Sick Apu0200 Firmware | <4.0.0.6 | |
Sick Apu0200 |
The recommended solution is to update the image to a version >= 4.0.0.6 as soon as possible.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-43700.
The severity of CVE-2023-43700 is high with a severity value of 7.7.
The affected software for CVE-2023-43700 is Sick Apu0200 Firmware version up to exclusive 4.0.0.6.
An unprivileged remote attacker can exploit CVE-2023-43700 by modifying data via HTTP requests that do not require authentication.
No, Sick Apu0200 is not vulnerable to CVE-2023-43700.
No specific fix information is provided. It is recommended to follow the guidance from the vendor.
The Common Weakness Enumeration (CWE) ID for CVE-2023-43700 is CWE-862.