Vulnerability Description
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sick | Rfu650-10100 Firmware | < 2.21 |
| Sick | Rfu650-10100 | - |
| Sick | Rfu650-10101 Firmware | < 2.21 |
| Sick | Rfu650-10101 | - |
| Sick | Rfu650-10102 Firmware | < 2.21 |
| Sick | Rfu650-10102 | - |
| Sick | Rfu650-10103 Firmware | < 2.21 |
| Sick | Rfu650-10103 | - |
| Sick | Rfu650-10104 Firmware | < 2.21 |
| Sick | Rfu650-10104 | - |
| Sick | Rfu650-10105 Firmware | < 2.21 |
| Sick | Rfu650-10105 | - |
| Sick | Rfu650-10106 Firmware | < 2.21 |
| Sick | Rfu650-10106 | - |
Related Weaknesses (CWE)
References
- https://sick.com/psirtVendor Advisory
- https://sick.com/psirtVendor Advisory
FAQ
What is CVE-2022-46834?
CVE-2022-46834 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites ...
How severe is CVE-2022-46834?
CVE-2022-46834 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-46834?
Check the references section above for vendor advisories and patch information. Affected products include: Sick Rfu650-10100 Firmware, Sick Rfu650-10100, Sick Rfu650-10101 Firmware, Sick Rfu650-10101, Sick Rfu650-10102 Firmware.