CVE-2023-5246

Published: Oct 23, 2023

Modified: Jun 1, 2026

PUBLISHED

CVSS v3.1

8.8

HIGH

Description

Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.

Vendor	Product	Versions
SICK AG	FX0-GMOD00000	affected `vers:all/*`
SICK AG	FX0-GMOD00010	affected `vers:all/*`
SICK AG	FX0-GMOD00030	affected `vers:all/*`
SICK AG	FX0-GPNT00000	affected `vers:all/*`
SICK AG	FX0-GPNT00010	affected `vers:all/*`
SICK AG	FX0-GPNT00030	affected `vers:all/*`
SICK AG	FX0-GETC00000	affected `vers:all/*`
SICK AG	FX0-GETC00010	affected `vers:all/*`
SICK AG	FX3-GEPR00000	affected `vers:all/*`
SICK AG	FX3-GEPR00010	affected `vers:all/*`
SICK AG	FX0-GENT00000	affected `vers:all/*`
SICK AG	FX0-GENT00010	affected `vers:all/*`
SICK AG	FX0-GENT00030	affected `vers:all/*`

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://sick.com/psirt

issue-tracking

https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf

vendor-advisory

https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json

x_csaf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-5246

Description

Affected Products

CVSS v3.1 Details

References