{ "id": "CVE-2023-23451", "sourceIdentifier": "psirt@sick.de", "published": "2023-04-19T23:15:06.970", "lastModified": "2023-09-14T17:15:11.450", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-306" } ] }, { "source": "psirt@sick.de", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-477" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AA9F3C9-61F5-4C21-9650-76C0FC9C51EE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF96D6FC-3053-433E-8B7D-CEA3C7FC7CBA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*", "matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB62B37C-E8E4-4305-8F6A-127765CC54AD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*", "matchCriteriaId": "06416A50-B978-4F67-AA50-010ECBD2DB2F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30951A8A-8B78-4F58-8E8B-5697F89B332A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*", "matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.11.0", "matchCriteriaId": "87586615-29B4-46E4-9CE7-F7BB8F012155" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.11.0", "matchCriteriaId": "042B4FDB-BC05-43D6-84FC-F65203CDBE0D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.12.0", "matchCriteriaId": "61F9ADB1-DBED-4AC6-9CED-C0CCAC7C31F7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F133BB19-8D61-4BD7-B706-A3FD81E71ECD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*", "matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96A20EA8-57F4-4CDD-8F44-F02E2FC010AA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.11.0", "matchCriteriaId": "D09286BA-A20C-44DA-BE0C-98EF4851BA73" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D" } ] } ] } ], "references": [ { "url": "https://sick.com/psirt", "source": "psirt@sick.de", "tags": [ "Vendor Advisory" ] } ] }