Vulnerability Description
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sick | Icr890-4 Firmware | < 2.5.0 |
| Sick | Icr890-4 | - |
Related Weaknesses (CWE)
References
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.jsonVendor Advisory
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdfVendor Advisory
- https://sick.com/psirtProduct
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.jsonVendor Advisory
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdfVendor Advisory
- https://sick.com/psirtProduct
FAQ
What is CVE-2023-3273?
CVE-2023-3273 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on...
How severe is CVE-2023-3273?
CVE-2023-3273 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3273?
Check the references section above for vendor advisories and patch information. Affected products include: Sick Icr890-4 Firmware, Sick Icr890-4.