Vulnerabilities > Sick > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-01 | CVE-2022-27585 | Missing Authentication for Critical Function vulnerability in Sick Sim1000 FX Firmware Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27586 | Missing Authentication for Critical Function vulnerability in Sick Sim1004-0P0G311 Firmware Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-10-31 | CVE-2022-27583 | Unspecified vulnerability in Sick Flx3-Cpuc1 Firmware and Flx3-Cpuc2 Firmware A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact. | 9.1 |
| 2022-04-11 | CVE-2022-27577 | Use of Insufficiently Random Values vulnerability in Sick Msc800 Firmware 4.0/4.10 The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. | 9.1 |
| 2020-07-29 | CVE-2020-2076 | Missing Authentication for Critical Function vulnerability in Sick Package Analytics 04.0.0 SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. | 9.8 |
| 2019-07-01 | CVE-2019-10979 | Use of Hard-coded Credentials vulnerability in Sick Msc800 Firmware SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password. | 9.8 |