1. Home
  2. CVE Database
  3. CVE-2023-23444
HIGH · 7.5

CVE-2023-23444

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 11...

Vulnerability Description

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
SickUe410-En4 Firmware-
SickUe410-En4-
SickUe410-En3 Firmware-
SickUe410-En3-
SickUe410-En1 Firmware-
SickUe410-En1-
SickFx0-Gpnt00030 Firmware-
SickFx0-Gpnt00030-
SickFx0-Gpnt00010 Firmware-
SickFx0-Gpnt00010-
SickFx0-Gpnt00000 Firmware-
SickFx0-Gpnt00000-
SickFx0-Gmod00010 Firmware-
SickFx0-Gmod00010-
SickFx0-Gmod00000 Firmware-
SickFx0-Gmod00000-
SickFx0-Gent00030 Firmware-
SickFx0-Gent00030-
SickFx0-Gent00010 Firmware-
SickFx0-Gent00010-

Related Weaknesses (CWE)

CWE-306

References

FAQ

What is CVE-2023-23444?

CVE-2023-23444 is a vulnerability with a CVSS score of 7.5 (HIGH). Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 11...

How severe is CVE-2023-23444?

CVE-2023-23444 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-23444?

Check the references section above for vendor advisories and patch information. Affected products include: Sick Ue410-En4 Firmware, Sick Ue410-En4, Sick Ue410-En3 Firmware, Sick Ue410-En3, Sick Ue410-En1 Firmware.