A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.
History

Mon, 09 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Sick lms5xx
CPEs cpe:2.3:h:sick_ag:lms5xx:*:*:*:*:*:*:*:* cpe:2.3:h:sick:lms5xx:*:*:*:*:*:*:*:*
Vendors & Products Sick Ag
Sick Ag lms5xx
Sick lms5xx

Wed, 02 Oct 2024 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Sick Ag
Sick Ag lms5xx
CPEs cpe:2.3:h:sick_ag:lms5xx:*:*:*:*:*:*:*:*
Vendors & Products Sick Ag
Sick Ag lms5xx
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: SICK AG

Published: 2023-08-24T18:11:39.312Z

Updated: 2024-12-09T14:12:37.134Z

Reserved: 2023-08-18T13:09:48.275Z

Link: CVE-2023-4420

cve-icon Vulnrichment

Updated: 2024-08-02T07:24:04.690Z

cve-icon NVD

Status : Modified

Published: 2023-08-24T19:15:43.183

Modified: 2024-11-21T08:35:06.670

Link: CVE-2023-4420

cve-icon Redhat

No data.