A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.
Metrics
Affected Vendors & Products
References
History
Mon, 09 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sick lms5xx
|
|
CPEs | cpe:2.3:h:sick:lms5xx:*:*:*:*:*:*:*:* | |
Vendors & Products |
Sick Ag
Sick Ag lms5xx |
Sick lms5xx
|
Wed, 02 Oct 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sick Ag
Sick Ag lms5xx |
|
CPEs | cpe:2.3:h:sick_ag:lms5xx:*:*:*:*:*:*:*:* | |
Vendors & Products |
Sick Ag
Sick Ag lms5xx |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: SICK AG
Published: 2023-08-24T18:11:39.312Z
Updated: 2024-12-09T14:12:37.134Z
Reserved: 2023-08-18T13:09:48.275Z
Link: CVE-2023-4420
Vulnrichment
Updated: 2024-08-02T07:24:04.690Z
NVD
Status : Modified
Published: 2023-08-24T19:15:43.183
Modified: 2024-11-21T08:35:06.670
Link: CVE-2023-4420
Redhat
No data.