Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-23451
HistoryApr 19, 2023 - 11:15 p.m.

CVE-2023-23451

2023-04-1923:15:06
CWE-306
CWE-477
[email protected]
web.nvd.nist.gov
22
cve-2023-23451
telnet enabled
factory default
sick ue410
sick fx0
firmware versions
serial number
security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.2%

JSON

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.

Affected configurations

NVD
Node
sickue410-en3_firmware
AND
sickue410-en3Match-
Node
sickue410-en1_firmware
AND
sickue410-en1Match-
Node
sickue410-en3s04_firmware
AND
sickue410-en3s04Match-
Node
sickue410-en4_firmware
AND
sickue410-en4Match-
Node
sickfx0-gent00000_firmwareRange2.11.0
AND
sickfx0-gent00000Match-
Node
sickfx0-gmod00000_firmwareRange2.11.0
AND
sickfx0-gmod00000Match-
Node
sickfx0-gpnt00000_firmwareRange2.12.0
AND
sickfx0-gpnt00000Match-
Node
sickfx0-gent00030_firmware
AND
sickfx0-gent00030Match-
Node
sickfx0-gpnt00030_firmware
AND
sickfx0-gpnt00030Match-
Node
sickfx0-gmod00010_firmwareRange2.11.0
AND
sickfx0-gmod00010Match-

CNA Affected

[
  {
    "vendor": "N/A",
    "product": "SICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4",
    "versions": [
      {
        "version": "<=2311xxxx",
        "status": "affected"
      },
      {
        "version": "<=V2.11.0",
        "status": "affected"
      }
    ]
  }
]

References

Related

prion 1
nvd 1
cvelist 1
prion
prion
Default credentials
2023-04-19 23:15:00
nvd
nvd
CVE-2023-23451
2023-04-19 23:15:06
cvelist
cvelist
CVE-2023-23451
2023-04-19 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.2%

JSON
Related for CVE-2023-23451
prion1nvd1cvelist1