Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSick Fx0 Gent00000
HWSickwszystkie wersjeSick Fx0 Gent00000 Firmware
OSSick3.043.05Sick Fx0 Gent00010
HWSickwszystkie wersjeSick Fx0 Gent00010 Firmware
OSSick3.043.05
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2023-23451CRITICAL9.8ten sam produkt
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx a...
CVE-2023-5246HIGH8.8ten sam produkt
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282...
CVE-2023-23444HIGH7.5ten sam produkt
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 10...
CVE-2019-14753HIGH7.5ten sam produkt
SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow
CVE-2026-22907CRITICAL9.9PL βten sam vendor
Nieautoryzowany dostΔp do systemu plikΓ³w hosta w SICK TDC-X401GL