HIGH🇬🇧 English

CVE-2023-3273

CVSS 7.5v3.1pub. 2023-07-10upd. 2026-06-01

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Sick Icr890 4

    HW
    Sick
    wszystkie wersje
  • Sick Icr890 4 Firmware

    OS
    Sick
    < 2.5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-3270HIGH8.6ten sam produkt

Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated...

CVE-2023-3271HIGH8.2ten sam produkt

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather informat...

CVE-2023-3272HIGH7.5ten sam produkt

Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather s...

CVE-2023-35696HIGH7.5ten sam produkt

Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sens...

CVE-2023-35697MEDIUM5.3ten sam produkt

Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker t...