Vulnerabilities > Sick > Lms500 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-31412 | Use of Password Hash With Insufficient Computational Effort vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. | 7.5 |
| 2023-08-24 | CVE-2023-4418 | Resource Exhaustion vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DDoS) attack. | 7.5 |
| 2023-08-24 | CVE-2023-4419 | Use of Hard-coded Credentials vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device. | 8.8 |
| 2023-08-24 | CVE-2023-4420 | Missing Encryption of Sensitive Data vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware A remote unprivileged attacker can intercept the communication via e.g. | 7.4 |
| 2020-08-31 | CVE-2020-2075 | Improper Handling of Exceptional Conditions vulnerability in Sick products Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH. | 5.0 |