Vulnerabilities > Sick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-46833 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-12-13 | CVE-2022-46834 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-11-01 | CVE-2022-27582 | Missing Authentication for Critical Function vulnerability in Sick products Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27584 | Missing Authentication for Critical Function vulnerability in Sick Sim2000St Firmware Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27585 | Missing Authentication for Critical Function vulnerability in Sick Sim1000 FX Firmware Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27586 | Missing Authentication for Critical Function vulnerability in Sick Sim1004-0P0G311 Firmware Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-43989 | Missing Authentication for Critical Function vulnerability in Sick Sim2000-2P04G10 Firmware and Sim2500-2P03G10 Firmware Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with firmware version < 1.2.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 7.3 |
| 2022-11-01 | CVE-2022-43990 | Missing Authentication for Critical Function vulnerability in Sick Sim1012-0P0G200 Firmware Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version <2.2.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 7.3 |
| 2022-10-31 | CVE-2022-27583 | Unspecified vulnerability in Sick Flx3-Cpuc1 Firmware and Flx3-Cpuc2 Firmware A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact. | 9.1 |
| 2022-07-19 | CVE-2022-27579 | Deserialization of Untrusted Data vulnerability in Sick Flexi Soft Designer A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. | 7.8 |