Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-2075
HistoryAug 31, 2020 - 6:15 p.m.

CVE-2020-2075

2020-08-3118:15:13
CWE-755
CWE-703
[email protected]
web.nvd.nist.gov
16
cve-2020-2075
platform mechanism autoip
remote attackers
reboot
device
crafted packet
sick ag
bulkscan lms111
bulkscan lms511
clv62x
clv65x
icr890-3
lms10x
lms11x
lms15x
lms12x
lms13x
lms14x
lms5xx
lms53x
msc800
rfh
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.9%

JSON

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

Affected configurations

NVD
Node
sicklms111Match-
AND
sicklms111_firmwareRange<1.04
Node
sicklms511Match-
AND
sicklms511_firmwareRange<2.30
Node
sickclv620Match-
AND
sickclv620_firmware
Node
sickclv622Match-
AND
sickclv622_firmware
Node
sickclv621Match-
AND
sickclv621_firmware
Node
sickicr890-3Match-
AND
sickicr890-3_firmware
Node
sickmsc800Match-
AND
sickmsc800_firmwareRange<4.10
Node
sickrfhMatch-
AND
sickrfh_firmware
Node
sickclv650_firmware
AND
sickclv650Match-
Node
sickclv651_firmware
AND
sickclv651Match-
Node
sickclv631_firmware
AND
sickclv631Match-
Node
sickclv630_firmware
AND
sickclv630Match-
Node
sickclv632_firmware
AND
sickclv632Match-
Node
sickclv640_firmware
AND
sickclv640Match-
Node
sickclv642_firmware
AND
sickclv642Match-
Node
sicklms100_firmwareRange<2.0
AND
sicklms100Match-
Node
sicklms101_firmwareRange<2.0
AND
sicklms101Match-
Node
sicklms111_firmwareRange<2.0
AND
sicklms111Match-
Node
sicklms153_firmwareRange<2.0
AND
sicklms153Match-
Node
sicklms151_firmwareRange<2.0
AND
sicklms151Match-
Node
sicklms133_firmwareRange<2.10
AND
sicklms133Match-
Node
sicklms142_firmwareRange<2.10
AND
sicklms142Match-
Node
sicklms143_firmwareRange<2.10
AND
sicklms143Match-
Node
sicklms131_firmwareRange<2.10
AND
sicklms131Match-
Node
sicklms121_firmwareRange<2.10
AND
sicklms121Match-
Node
sicklms123_firmwareRange<2.10
AND
sicklms123Match-
Node
sicklms122_firmwareRange<2.10
AND
sicklms122Match-
Node
sicklms141_firmwareRange<2.10
AND
sicklms141Match-
Node
sicklms511_firmware
AND
sicklms511Match-
Node
sicklms531_firmware
AND
sicklms531Match-
Node
sicklms500_firmware
AND
sicklms500Match-
Node
sickicr890-3.5_firmware
AND
sickicr890-3.5Match-

CNA Affected

[
  {
    "product": "Bulkscan LMS111; Bulkscan LMS511; CLV62x – CLV65x; ICR890-3; LMS10x, LMS11x, LMS15x; LMS12x, LMS13x, LMS14x; LMS5xx, LMS53x; MSC800; RFH",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions < V1.04"
      },
      {
        "status": "affected",
        "version": "All Versions < V2.30"
      },
      {
        "status": "affected",
        "version": "All versions with Ethernet interface"
      },
      {
        "status": "affected",
        "version": "All ICR890-3 and ICR890-3.5 devices all versions"
      },
      {
        "status": "affected",
        "version": "All Versions < V2.0"
      },
      {
        "status": "affected",
        "version": "All Versions < V2.10"
      },
      {
        "status": "affected",
        "version": "All versions"
      },
      {
        "status": "affected",
        "version": "All Versions < V4.10"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2020-2075
2020-08-31 17:09:07
nvd
nvd
CVE-2020-2075
2020-08-31 18:15:13
prion
prion
Code injection
2020-08-31 18:15:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.9%

JSON
Related for CVE-2020-2075
cvelist1nvd1prion1