All the vulnerabilites related to SICK AG - FX0-GENT00010
cve-2023-5246
Vulnerability from cvelistv5
Published
2023-10-23 12:22
Modified
2024-09-11 16:17
Summary
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
Impacted products
Vendor Product Version
SICK AG FX0-GMOD00010 Version: vers:all/*
SICK AG FX0-GMOD00030 Version: vers:all/*
SICK AG FX0-GPNT00000 Version: vers:all/*
SICK AG FX0-GPNT00010 Version: vers:all/*
SICK AG FX0-GPNT00030 Version: vers:all/*
SICK AG FX0-GETC00000 Version: vers:all/*
SICK AG FX0-GETC00010 Version: vers:all/*
SICK AG FX3-GEPR00000 Version: vers:all/*
SICK AG FX3-GEPR00010 Version: vers:all/*
SICK AG FX0-GENT00000 Version: vers:all/*
SICK AG FX0-GENT00010 Version: vers:all/*
SICK AG FX0-GENT00030 Version: vers:all/*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:52:08.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://sick.com/psirt"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
          },
          {
            "tags": [
              "x_csaf",
              "x_transferred"
            ],
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gmod00000_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gmod00010_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gmod00030_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gpnt00000_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gpnt00010_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gpnt00030_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-getc00000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-getc00000",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-getc00010:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-getc00010",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx3-gepr00000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx3-gepr00000",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx3-gepr00010:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx3-gepr00010",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gent00000_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gent00010_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fx0-gent00030_firmware",
            "vendor": "sick",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5246",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T15:28:47.832868Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T16:17:17.559Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00000",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00010",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00030",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00000",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00010",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00030",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00000",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00010",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00000",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00010",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00000",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00010",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00030",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "vers:all/*"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."
            }
          ],
          "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass by Capture-replay",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-25T09:19:02.867Z",
        "orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
        "shortName": "SICK AG"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://sick.com/psirt"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
        },
        {
          "tags": [
            "x_csaf"
          ],
          "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
            }
          ],
          "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
    "assignerShortName": "SICK AG",
    "cveId": "CVE-2023-5246",
    "datePublished": "2023-10-23T12:22:19.895Z",
    "dateReserved": "2023-09-28T06:29:07.044Z",
    "dateUpdated": "2024-09-11T16:17:17.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}