Vulnerabilities > Sick > Lms531 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-24 CVE-2023-31412 Use of Password Hash With Insufficient Computational Effort vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs.
network
low complexity
sick CWE-916
7.5
2023-08-24 CVE-2023-4418 Resource Exhaustion vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DDoS) attack.
network
low complexity
sick CWE-400
7.5
2023-08-24 CVE-2023-4419 Use of Hard-coded Credentials vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device.
network
low complexity
sick CWE-798
8.8
2023-08-24 CVE-2023-4420 Missing Encryption of Sensitive Data vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
A remote unprivileged attacker can intercept the communication via e.g.
network
high complexity
sick CWE-311
7.4
2020-08-31 CVE-2020-2075 Improper Handling of Exceptional Conditions vulnerability in Sick products
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.
network
low complexity
sick CWE-755
7.5