cvelistv5 - CVE-2023-23451

CVE-2023-23451 (GCVE-0-2023-23451)

Vulnerability from cvelistv5

Published

2023-04-19 00:00

Modified

2025-02-05 15:24

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-477

Summary

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.

References

URL

	Vendor	Product	Version
	N/A	SICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4	Version: <=2311xxxx Version: <=V2.11.0

gsd-2023-23451

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-23451

Aliases

CVE-2023-23451

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-23451",
    "id": "GSD-2023-23451"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-23451"
      ],
      "details": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.",
      "id": "GSD-2023-23451",
      "modified": "2023-12-13T01:20:49.948779Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@sick.de",
        "ID": "CVE-2023-23451",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c=2311xxxx"
                        },
                        {
                          "version_value": "\u003c=V2.11.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "N/A"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-477"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://sick.com/psirt",
            "refsource": "MISC",
            "url": "https://sick.com/psirt"
          },
          {
            "name": "https://sick.com/psirt",
            "refsource": "MISC",
            "url": "https://sick.com/psirt"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.11.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gmod00000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.11.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.12.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gent00030_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:fx0-gmod00010_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.11.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@sick.de",
          "ID": "CVE-2023-23451"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-306"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sick.com/psirt",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://sick.com/psirt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-09-14T17:15Z",
      "publishedDate": "2023-04-19T23:15Z"
    }
  }
}

sca-2023-0002

Vulnerability from csaf_sick

Published

2023-04-11 10:00

Modified

2023-04-11 10:00

Summary

Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways

Notes

Several versions of the SICK Flexi Soft Gateways FX0-GENT, FX0-GMOD, FX0-GPNT and SICK Flexi Classic Gateway UE410 provide a Telnet interface for debugging, which is enabled by factory default. No password is set in the default configuration. If the password is not set by the customer, a remote unauthorized adversary could connect via Telnet. The adversary may use the debugging interface to subsequently gain access to the boot loader and in the worst case modify the firmware of the devices. Gateways with a serial number >2311xxxx have the Telnet interface disabled by factory default.

General Security Measures

As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.

Vulnerability Classification

SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "Several versions of the SICK Flexi Soft Gateways FX0-GENT, FX0-GMOD, FX0-GPNT and SICK Flexi Classic Gateway UE410 provide a Telnet interface for debugging, which is enabled by factory default. No password is set in the default configuration.\n\nIf the password is not set by the customer, a remote unauthorized adversary could connect via Telnet. The adversary may use the debugging interface to subsequently gain access to the boot loader and in the worst case modify the firmware of the devices.\n\nGateways with a serial number \u003e2311xxxx have the Telnet interface disabled by factory default."
      },
      {
        "category": "general",
        "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
        "title": "General Security Measures"
      },
      {
        "category": "general",
        "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
        "title": "Vulnerability Classification"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@sick.de",
      "issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
      "name": "SICK PSIRT",
      "namespace": "https://www.sick.com/psirt"
    },
    "references": [
      {
        "summary": "SICK PSIRT Security Advisories",
        "url": "https://sick.com/psirt"
      },
      {
        "summary": "SICK Operating Guidelines",
        "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
      },
      {
        "summary": "ICS-CERT recommended practices on Industrial Security",
        "url": "http://ics-cert.us-cert.gov/content/recommended-practices"
      },
      {
        "summary": "CVSS v3.1 Calculator",
        "url": "https://www.first.org/cvss/calculator/3.1"
      },
      {
        "category": "self",
        "summary": "The canonical URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0002.json"
      },
      {
        "category": "self",
        "summary": "The canonical PDF URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0002.pdf"
      }
    ],
    "title": "Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways",
    "tracking": {
      "current_release_date": "2023-04-11T10:00:00.000Z",
      "generator": {
        "date": "2023-04-11T10:00:00.000Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.0.0"
        }
      },
      "id": "SCA-2023-0002",
      "initial_release_date": "2023-04-11T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-04-11T10:00:00.000Z",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2025-07-30T07:30:00.000Z",
          "number": "2",
          "summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "skus": [
                      "1042193"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0002",
                  "product_identification_helper": {
                    "skus": [
                      "1042193"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0003",
                  "product_identification_helper": {
                    "skus": [
                      "1042964"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0004",
                  "product_identification_helper": {
                    "skus": [
                      "1042964"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN1 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0005",
                  "product_identification_helper": {
                    "skus": [
                      "1123789"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0006",
                  "product_identification_helper": {
                    "skus": [
                      "1123789"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3S04 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0007",
                  "product_identification_helper": {
                    "skus": [
                      "1044078"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0008",
                  "product_identification_helper": {
                    "skus": [
                      "1044078"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN4 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0009",
                  "product_identification_helper": {
                    "skus": [
                      "1044072"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0010",
                  "product_identification_helper": {
                    "skus": [
                      "1044072"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00000 FLEXISOFT EIP GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0011",
                  "product_identification_helper": {
                    "skus": [
                      "1044073"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0012",
                  "product_identification_helper": {
                    "skus": [
                      "1044073"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00000 FLEXISOFT MOD GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0013",
                  "product_identification_helper": {
                    "skus": [
                      "1044074"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0014",
                  "product_identification_helper": {
                    "skus": [
                      "1044074"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00000 FLEXISOFT PNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0015",
                  "product_identification_helper": {
                    "skus": [
                      "1099830"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0016",
                  "product_identification_helper": {
                    "skus": [
                      "1099830"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0017",
                  "product_identification_helper": {
                    "skus": [
                      "1099832"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0018",
                  "product_identification_helper": {
                    "skus": [
                      "1099832"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0019",
                  "product_identification_helper": {
                    "skus": [
                      "1127717"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0020",
                  "product_identification_helper": {
                    "skus": [
                      "1127717"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0021"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0022"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN1 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0023"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3S04 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0024"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN4 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0025"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0026"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.12.0",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware \u003c=V2.12.0",
                  "product_id": "CSAFPID-0027"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware all versions",
                  "product_id": "CSAFPID-0028"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware all versions",
                  "product_id": "CSAFPID-0029"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0030"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) Firmware"
          }
        ],
        "category": "vendor",
        "name": "SICK AG"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0031"
        },
        "product_reference": "CSAFPID-0021",
        "relates_to_product_reference": "CSAFPID-0001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0032"
        },
        "product_reference": "CSAFPID-0022",
        "relates_to_product_reference": "CSAFPID-0003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0033"
        },
        "product_reference": "CSAFPID-0023",
        "relates_to_product_reference": "CSAFPID-0005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0034"
        },
        "product_reference": "CSAFPID-0024",
        "relates_to_product_reference": "CSAFPID-0007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0035"
        },
        "product_reference": "CSAFPID-0025",
        "relates_to_product_reference": "CSAFPID-0009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0036"
        },
        "product_reference": "CSAFPID-0026",
        "relates_to_product_reference": "CSAFPID-0011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0",
          "product_id": "CSAFPID-0037"
        },
        "product_reference": "CSAFPID-0027",
        "relates_to_product_reference": "CSAFPID-0013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0038"
        },
        "product_reference": "CSAFPID-0028",
        "relates_to_product_reference": "CSAFPID-0015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0039"
        },
        "product_reference": "CSAFPID-0029",
        "relates_to_product_reference": "CSAFPID-0017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0040"
        },
        "product_reference": "CSAFPID-0030",
        "relates_to_product_reference": "CSAFPID-0019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0041"
        },
        "product_reference": "CSAFPID-0021",
        "relates_to_product_reference": "CSAFPID-0002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0042"
        },
        "product_reference": "CSAFPID-0022",
        "relates_to_product_reference": "CSAFPID-0004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0043"
        },
        "product_reference": "CSAFPID-0023",
        "relates_to_product_reference": "CSAFPID-0006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0044"
        },
        "product_reference": "CSAFPID-0024",
        "relates_to_product_reference": "CSAFPID-0008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0045"
        },
        "product_reference": "CSAFPID-0025",
        "relates_to_product_reference": "CSAFPID-0010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0046"
        },
        "product_reference": "CSAFPID-0026",
        "relates_to_product_reference": "CSAFPID-0012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.12.0",
          "product_id": "CSAFPID-0047"
        },
        "product_reference": "CSAFPID-0027",
        "relates_to_product_reference": "CSAFPID-0014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0048"
        },
        "product_reference": "CSAFPID-0028",
        "relates_to_product_reference": "CSAFPID-0016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0049"
        },
        "product_reference": "CSAFPID-0029",
        "relates_to_product_reference": "CSAFPID-0018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0050"
        },
        "product_reference": "CSAFPID-0030",
        "relates_to_product_reference": "CSAFPID-0020"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-23451",
      "cwe": {
        "id": "CWE-477",
        "name": "Use of Obsolete Function"
      },
      "notes": [
        {
          "category": "description",
          "text": "If the default password is not changed by the operator or customer, a remote unauthorized adversary may connect to the Flexi Soft Gateway via Telnet, interact with the device and change settings of the Gateway. The adversary may also reset the Gateway and in the worst case upload a new firmware version to the device that is then run under root privileges.\n\nSICK recommends to set a strong device individual password once the product is put into operation.",
          "title": "Description"
        },
        {
          "category": "summary",
          "text": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1 FLEXI ETHERNET GATEW., SICK UE410-EN3S04 FLEXI ETHERNET GATEW., SICK UE410-EN4 FLEXI ETHERNET GATEW., SICK FX0-GENT00000 FLEXISOFT EIP GATEW., SICK FX0-GMOD00000 FLEXISOFT MOD GATEW., SICK FX0-GPNT00000 FLEXISOFT PNET GATEW., SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 and SICK FX0-GMOD00010 FLEXISOFT MOD GW. have Telnet enabled by factory default. No password is set in the default configuration.\n\nGateways with a serial number \u003e2311xxxx have the Telnet interface disabled by factory default.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0041",
          "CSAFPID-0042",
          "CSAFPID-0043",
          "CSAFPID-0044",
          "CSAFPID-0045",
          "CSAFPID-0046",
          "CSAFPID-0047",
          "CSAFPID-0048",
          "CSAFPID-0049",
          "CSAFPID-0050"
        ],
        "known_affected": [
          "CSAFPID-0031",
          "CSAFPID-0032",
          "CSAFPID-0033",
          "CSAFPID-0034",
          "CSAFPID-0035",
          "CSAFPID-0036",
          "CSAFPID-0037",
          "CSAFPID-0038",
          "CSAFPID-0039",
          "CSAFPID-0040"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SICK recommends to set a strong password for the Telnet protocol once the Gateway is put into operation. It is possible to set a password with a maximum length of 15 characters.\n\nEnter the following commands to change the Telnet password:\n\n```bash\n$ telnet \u003cGateway-IP-Address\u003e\nPassword: \u003cold password\u003e [Enter]\npasswd \u003cutmost secure password, followed by [Enter]\u003e\nquit [Enter]\n\n$ telnet \u003cGateway-IP-Address\u003e\nPassword: \u003cnew password\u003e [Enter]\n```\n\nTest if [Enter] still works and if the new password is saved.",
          "product_ids": [
            "CSAFPID-0031",
            "CSAFPID-0032",
            "CSAFPID-0033",
            "CSAFPID-0034",
            "CSAFPID-0035",
            "CSAFPID-0036",
            "CSAFPID-0037",
            "CSAFPID-0038",
            "CSAFPID-0039",
            "CSAFPID-0040"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0031",
            "CSAFPID-0032",
            "CSAFPID-0033",
            "CSAFPID-0034",
            "CSAFPID-0035",
            "CSAFPID-0036",
            "CSAFPID-0037",
            "CSAFPID-0038",
            "CSAFPID-0039",
            "CSAFPID-0040"
          ]
        }
      ]
    }
  ]
}

SCA-2023-0002

Vulnerability from csaf_sick

Published

2023-04-11 10:00

Modified

2023-04-11 10:00

Summary

Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways

Notes

General Security Measures

Vulnerability Classification

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "Several versions of the SICK Flexi Soft Gateways FX0-GENT, FX0-GMOD, FX0-GPNT and SICK Flexi Classic Gateway UE410 provide a Telnet interface for debugging, which is enabled by factory default. No password is set in the default configuration.\n\nIf the password is not set by the customer, a remote unauthorized adversary could connect via Telnet. The adversary may use the debugging interface to subsequently gain access to the boot loader and in the worst case modify the firmware of the devices.\n\nGateways with a serial number \u003e2311xxxx have the Telnet interface disabled by factory default."
      },
      {
        "category": "general",
        "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
        "title": "General Security Measures"
      },
      {
        "category": "general",
        "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
        "title": "Vulnerability Classification"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@sick.de",
      "issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
      "name": "SICK PSIRT",
      "namespace": "https://www.sick.com/psirt"
    },
    "references": [
      {
        "summary": "SICK PSIRT Security Advisories",
        "url": "https://sick.com/psirt"
      },
      {
        "summary": "SICK Operating Guidelines",
        "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
      },
      {
        "summary": "ICS-CERT recommended practices on Industrial Security",
        "url": "http://ics-cert.us-cert.gov/content/recommended-practices"
      },
      {
        "summary": "CVSS v3.1 Calculator",
        "url": "https://www.first.org/cvss/calculator/3.1"
      },
      {
        "category": "self",
        "summary": "The canonical URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0002.json"
      },
      {
        "category": "self",
        "summary": "The canonical PDF URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0002.pdf"
      }
    ],
    "title": "Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways",
    "tracking": {
      "current_release_date": "2023-04-11T10:00:00.000Z",
      "generator": {
        "date": "2023-04-11T10:00:00.000Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.0.0"
        }
      },
      "id": "SCA-2023-0002",
      "initial_release_date": "2023-04-11T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-04-11T10:00:00.000Z",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2025-07-30T07:30:00.000Z",
          "number": "2",
          "summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "skus": [
                      "1042193"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0002",
                  "product_identification_helper": {
                    "skus": [
                      "1042193"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0003",
                  "product_identification_helper": {
                    "skus": [
                      "1042964"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0004",
                  "product_identification_helper": {
                    "skus": [
                      "1042964"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN1 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0005",
                  "product_identification_helper": {
                    "skus": [
                      "1123789"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0006",
                  "product_identification_helper": {
                    "skus": [
                      "1123789"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3S04 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0007",
                  "product_identification_helper": {
                    "skus": [
                      "1044078"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0008",
                  "product_identification_helper": {
                    "skus": [
                      "1044078"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN4 FLEXI ETHERNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0009",
                  "product_identification_helper": {
                    "skus": [
                      "1044072"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0010",
                  "product_identification_helper": {
                    "skus": [
                      "1044072"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00000 FLEXISOFT EIP GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0011",
                  "product_identification_helper": {
                    "skus": [
                      "1044073"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0012",
                  "product_identification_helper": {
                    "skus": [
                      "1044073"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00000 FLEXISOFT MOD GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0013",
                  "product_identification_helper": {
                    "skus": [
                      "1044074"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0014",
                  "product_identification_helper": {
                    "skus": [
                      "1044074"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00000 FLEXISOFT PNET GATEW."
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0015",
                  "product_identification_helper": {
                    "skus": [
                      "1099830"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0016",
                  "product_identification_helper": {
                    "skus": [
                      "1099830"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0017",
                  "product_identification_helper": {
                    "skus": [
                      "1099832"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0018",
                  "product_identification_helper": {
                    "skus": [
                      "1099832"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "serial number \u003c=2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003c=2311xxxx",
                  "product_id": "CSAFPID-0019",
                  "product_identification_helper": {
                    "skus": [
                      "1127717"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "serial number \u003e2311xxxx",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003e2311xxxx",
                  "product_id": "CSAFPID-0020",
                  "product_identification_helper": {
                    "skus": [
                      "1127717"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0021"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0022"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN1 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0023"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN3S04 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. Firmware all versions",
                  "product_id": "CSAFPID-0024"
                }
              }
            ],
            "category": "product_name",
            "name": "UE410-EN4 FLEXI ETHERNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0025"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0026"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.12.0",
                "product": {
                  "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware \u003c=V2.12.0",
                  "product_id": "CSAFPID-0027"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware all versions",
                  "product_id": "CSAFPID-0028"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware all versions",
                  "product_id": "CSAFPID-0029"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) Firmware \u003c=V2.11.0",
                  "product_id": "CSAFPID-0030"
                }
              }
            ],
            "category": "product_name",
            "name": "FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) Firmware"
          }
        ],
        "category": "vendor",
        "name": "SICK AG"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0031"
        },
        "product_reference": "CSAFPID-0021",
        "relates_to_product_reference": "CSAFPID-0001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0032"
        },
        "product_reference": "CSAFPID-0022",
        "relates_to_product_reference": "CSAFPID-0003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0033"
        },
        "product_reference": "CSAFPID-0023",
        "relates_to_product_reference": "CSAFPID-0005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0034"
        },
        "product_reference": "CSAFPID-0024",
        "relates_to_product_reference": "CSAFPID-0007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0035"
        },
        "product_reference": "CSAFPID-0025",
        "relates_to_product_reference": "CSAFPID-0009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0036"
        },
        "product_reference": "CSAFPID-0026",
        "relates_to_product_reference": "CSAFPID-0011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0",
          "product_id": "CSAFPID-0037"
        },
        "product_reference": "CSAFPID-0027",
        "relates_to_product_reference": "CSAFPID-0013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0038"
        },
        "product_reference": "CSAFPID-0028",
        "relates_to_product_reference": "CSAFPID-0015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0039"
        },
        "product_reference": "CSAFPID-0029",
        "relates_to_product_reference": "CSAFPID-0017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0040"
        },
        "product_reference": "CSAFPID-0030",
        "relates_to_product_reference": "CSAFPID-0019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0041"
        },
        "product_reference": "CSAFPID-0021",
        "relates_to_product_reference": "CSAFPID-0002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0042"
        },
        "product_reference": "CSAFPID-0022",
        "relates_to_product_reference": "CSAFPID-0004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0043"
        },
        "product_reference": "CSAFPID-0023",
        "relates_to_product_reference": "CSAFPID-0006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0044"
        },
        "product_reference": "CSAFPID-0024",
        "relates_to_product_reference": "CSAFPID-0008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0045"
        },
        "product_reference": "CSAFPID-0025",
        "relates_to_product_reference": "CSAFPID-0010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0046"
        },
        "product_reference": "CSAFPID-0026",
        "relates_to_product_reference": "CSAFPID-0012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003e2311xxxx with Firmware \u003c=V2.12.0",
          "product_id": "CSAFPID-0047"
        },
        "product_reference": "CSAFPID-0027",
        "relates_to_product_reference": "CSAFPID-0014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0048"
        },
        "product_reference": "CSAFPID-0028",
        "relates_to_product_reference": "CSAFPID-0016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003e2311xxxx all Firmware versions",
          "product_id": "CSAFPID-0049"
        },
        "product_reference": "CSAFPID-0029",
        "relates_to_product_reference": "CSAFPID-0018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK FX0-GMOD00010 FLEXISOFT MOD GW \u00a0(C) with serial number \u003e2311xxxx with Firmware \u003c=V2.11.0",
          "product_id": "CSAFPID-0050"
        },
        "product_reference": "CSAFPID-0030",
        "relates_to_product_reference": "CSAFPID-0020"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-23451",
      "cwe": {
        "id": "CWE-477",
        "name": "Use of Obsolete Function"
      },
      "notes": [
        {
          "category": "description",
          "text": "If the default password is not changed by the operator or customer, a remote unauthorized adversary may connect to the Flexi Soft Gateway via Telnet, interact with the device and change settings of the Gateway. The adversary may also reset the Gateway and in the worst case upload a new firmware version to the device that is then run under root privileges.\n\nSICK recommends to set a strong device individual password once the product is put into operation.",
          "title": "Description"
        },
        {
          "category": "summary",
          "text": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1 FLEXI ETHERNET GATEW., SICK UE410-EN3S04 FLEXI ETHERNET GATEW., SICK UE410-EN4 FLEXI ETHERNET GATEW., SICK FX0-GENT00000 FLEXISOFT EIP GATEW., SICK FX0-GMOD00000 FLEXISOFT MOD GATEW., SICK FX0-GPNT00000 FLEXISOFT PNET GATEW., SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 and SICK FX0-GMOD00010 FLEXISOFT MOD GW. have Telnet enabled by factory default. No password is set in the default configuration.\n\nGateways with a serial number \u003e2311xxxx have the Telnet interface disabled by factory default.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0041",
          "CSAFPID-0042",
          "CSAFPID-0043",
          "CSAFPID-0044",
          "CSAFPID-0045",
          "CSAFPID-0046",
          "CSAFPID-0047",
          "CSAFPID-0048",
          "CSAFPID-0049",
          "CSAFPID-0050"
        ],
        "known_affected": [
          "CSAFPID-0031",
          "CSAFPID-0032",
          "CSAFPID-0033",
          "CSAFPID-0034",
          "CSAFPID-0035",
          "CSAFPID-0036",
          "CSAFPID-0037",
          "CSAFPID-0038",
          "CSAFPID-0039",
          "CSAFPID-0040"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SICK recommends to set a strong password for the Telnet protocol once the Gateway is put into operation. It is possible to set a password with a maximum length of 15 characters.\n\nEnter the following commands to change the Telnet password:\n\n```bash\n$ telnet \u003cGateway-IP-Address\u003e\nPassword: \u003cold password\u003e [Enter]\npasswd \u003cutmost secure password, followed by [Enter]\u003e\nquit [Enter]\n\n$ telnet \u003cGateway-IP-Address\u003e\nPassword: \u003cnew password\u003e [Enter]\n```\n\nTest if [Enter] still works and if the new password is saved.",
          "product_ids": [
            "CSAFPID-0031",
            "CSAFPID-0032",
            "CSAFPID-0033",
            "CSAFPID-0034",
            "CSAFPID-0035",
            "CSAFPID-0036",
            "CSAFPID-0037",
            "CSAFPID-0038",
            "CSAFPID-0039",
            "CSAFPID-0040"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0031",
            "CSAFPID-0032",
            "CSAFPID-0033",
            "CSAFPID-0034",
            "CSAFPID-0035",
            "CSAFPID-0036",
            "CSAFPID-0037",
            "CSAFPID-0038",
            "CSAFPID-0039",
            "CSAFPID-0040"
          ]
        }
      ]
    }
  ]
}

fkie_cve-2023-23451

Vulnerability from fkie_nvd

Published

2023-04-19 23:15

Modified

2025-02-05 16:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@sick.de	https://sick.com/psirt	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sick.com/psirt	Vendor Advisory

Impacted products

Vendor	Product	Version
sick	ue410-en3_firmware	*
sick	ue410-en3	-
sick	ue410-en1_firmware	*
sick	ue410-en1	-
sick	ue410-en3s04_firmware	*
sick	ue410-en3s04	-
sick	ue410-en4_firmware	*
sick	ue410-en4	-
sick	fx0-gent00000_firmware	*
sick	fx0-gent00000	-
sick	fx0-gmod00000_firmware	*
sick	fx0-gmod00000	-
sick	fx0-gpnt00000_firmware	*
sick	fx0-gpnt00000	-
sick	fx0-gent00030_firmware	*
sick	fx0-gent00030	-
sick	fx0-gpnt00030_firmware	*
sick	fx0-gpnt00030	-
sick	fx0-gmod00010_firmware	*
sick	fx0-gmod00010	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA9F3C9-61F5-4C21-9650-76C0FC9C51EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF96D6FC-3053-433E-8B7D-CEA3C7FC7CBA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB62B37C-E8E4-4305-8F6A-127765CC54AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06416A50-B978-4F67-AA50-010ECBD2DB2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30951A8A-8B78-4F58-8E8B-5697F89B332A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87586615-29B4-46E4-9CE7-F7BB8F012155",
              "versionEndIncluding": "2.11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "042B4FDB-BC05-43D6-84FC-F65203CDBE0D",
              "versionEndIncluding": "2.11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61F9ADB1-DBED-4AC6-9CED-C0CCAC7C31F7",
              "versionEndIncluding": "2.12.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F133BB19-8D61-4BD7-B706-A3FD81E71ECD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96A20EA8-57F4-4CDD-8F44-F02E2FC010AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D09286BA-A20C-44DA-BE0C-98EF4851BA73",
              "versionEndIncluding": "2.11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number \u003c=2311xxxx with Firmware \u003c=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number \u003c=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number \u003c=2311xxxx with Firmware \u003c=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration."
    },
    {
      "lang": "es",
      "value": "El Flexi Classic y Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN1 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de Firmware, SICK UE410-EN4 FLEXI ETHERNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de firmware, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con Firmware \u0026lt;=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con Firmware \u0026lt;=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. con n\u00famero de serie \u0026lt;=2311xxxx con firmware \u0026lt;=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 con n\u00famero de serie \u0026lt;=2311xxxx todas las versiones de firmware, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 con n\u00famero de serie \u0026lt;=2311xxxx todo el firmware Las versiones y SICK FX0-GMOD00010 FLEXISOFT MOD GW con n\u00famero de serie \u0026lt;=2311xxxx con firmware \u0026lt;=V2.11.0 tienen Telnet habilitado de forma predeterminada. No se establece ninguna contrase\u00f1a en la configuraci\u00f3n predeterminada."
    }
  ],
  "id": "CVE-2023-23451",
  "lastModified": "2025-02-05T16:15:35.057",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-04-19T23:15:06.970",
  "references": [
    {
      "source": "psirt@sick.de",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/psirt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/psirt"
    }
  ],
  "sourceIdentifier": "psirt@sick.de",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-477"
        }
      ],
      "source": "psirt@sick.de",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-j4pp-rp58-2qhj

Vulnerability from github

Published

2023-04-20 00:30

Modified

2024-04-04 03:36

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1 FLEXI ETHERNET GATEW., SICK UE410-EN3S04 FLEXI ETHERNET GATEW., SICK UE410-EN4 FLEXI ETHERNET GATEW., SICK FX0-GENT00000 FLEXISOFT EIP GATEW., SICK FX0-GMOD00000 FLEXISOFT MOD GATEW., SICK FX0-GPNT00000 FLEXISOFT PNET GATEW., SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 and SICK FX0-GMOD00010 FLEXISOFT MOD GW. have Telnet enabled by factory default. No password is set in the default configuration. Gateways with a serial number >2311xxxx have the Telnet interface disabled by factory default.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-23451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306",
      "CWE-477"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-19T23:15:06Z",
    "severity": "CRITICAL"
  },
  "details": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1 FLEXI ETHERNET GATEW., SICK UE410-EN3S04 FLEXI ETHERNET GATEW., SICK UE410-EN4 FLEXI ETHERNET GATEW., SICK FX0-GENT00000 FLEXISOFT EIP GATEW., SICK FX0-GMOD00000 FLEXISOFT MOD GATEW., SICK FX0-GPNT00000 FLEXISOFT PNET GATEW., SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 and SICK FX0-GMOD00010 FLEXISOFT MOD GW. have Telnet enabled by factory default. No password is set in the default configuration. Gateways with a serial number \u003e2311xxxx have the Telnet interface disabled by factory default.",
  "id": "GHSA-j4pp-rp58-2qhj",
  "modified": "2024-04-04T03:36:30Z",
  "published": "2023-04-20T00:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23451"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-23451 (GCVE-0-2023-23451)

Vulnerability from cvelistv5

gsd-2023-23451

Vulnerability from gsd

sca-2023-0002

Vulnerability from csaf_sick

SCA-2023-0002

Vulnerability from csaf_sick

fkie_cve-2023-23451

Vulnerability from fkie_nvd

ghsa-j4pp-rp58-2qhj

Vulnerability from github

Tags

Sightings

Nomenclature