OpenCVE

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Sick	Lms500 Lms500 Firmware Lms511 Lms511 Firmware Lms531 Lms531 Firmware
Sick Ag	Lms5xx

Configuration 1 [-]

AND

cpe:2.3:o:sick:lms531_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:lms531:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:sick:lms500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:lms500:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf
https://sick.com/psirt

History

Wed, 02 Oct 2024 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sick Ag Sick Ag lms5xx
CPEs		cpe:2.3:h:sick_ag:lms5xx::::::::
Vendors & Products		Sick Ag Sick Ag lms5xx
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: SICK AG

Published: 2023-08-24T18:11:39.312Z

Updated: 2024-10-02T20:00:43.779Z

Reserved: 2023-08-18T13:09:48.275Z

Link: CVE-2023-4420

Vulnrichment

Updated: 2024-08-02T07:24:04.690Z

NVD

Status : Modified

Published: 2023-08-24T19:15:43.183

Modified: 2024-11-21T08:35:06.670

Link: CVE-2023-4420

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4420", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "state": "PUBLISHED", "assignerShortName": "SICK AG", "dateReserved": "2023-08-18T13:09:48.275Z", "datePublished": "2023-08-24T18:11:39.312Z", "dateUpdated": "2024-10-02T20:00:43.779Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "LMS5xx", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "all firmware versions"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted."}], "value": "A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Cleartext Transmission of Sensitive Information", "lang": "en"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2023-08-24T18:11:39.312Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://sick.com/psirt"}, {"tags": ["vendor-advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf"}, {"tags": ["x_csaf"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json"}], "source": {"discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nPlease make sure that you apply general security practices when operating the LMS5xx. The\nfollowing General Security Practices and Operating Guidelines could mitigate the associated security\nrisk. It is also recommended to apply the security practices listed in the LMS5xx hardening guide.\n\n<br>"}], "value": "\nPlease make sure that you apply general security practices when operating the LMS5xx. The\nfollowing General Security Practices and Operating Guidelines could mitigate the associated security\nrisk. It is also recommended to apply the security practices listed in the LMS5xx hardening guide.\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:04.690Z"}, "title": "CVE Program Container", "references": [{"tags": ["issue-tracking", "x_transferred"], "url": "https://sick.com/psirt"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf"}, {"tags": ["x_csaf", "x_transferred"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json"}]}, {"affected": [{"vendor": "sick_ag", "product": "lms5xx", "cpes": ["cpe:2.3:h:sick_ag:lms5xx:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-02T19:59:02.293154Z", "id": "CVE-2023-4420", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T20:00:43.779Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sick.com/psirt", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json", "tags": ["x_csaf", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:04.690Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4420", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-02T19:59:02.293154Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:sick_ag:lms5xx:*:*:*:*:*:*:*:*"], "vendor": "sick_ag", "product": "lms5xx", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T20:00:39.315Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SICK AG", "product": "LMS5xx", "versions": [{"status": "affected", "version": "all firmware versions"}], "defaultStatus": "affected"}], "references": [{"url": "https://sick.com/psirt", "tags": ["issue-tracking"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf", "tags": ["vendor-advisory"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json", "tags": ["x_csaf"]}], "workarounds": [{"lang": "en", "value": "\nPlease make sure that you apply general security practices when operating the LMS5xx. The\nfollowing General Security Practices and Operating Guidelines could mitigate the associated security\nrisk. It is also recommended to apply the security practices listed in the LMS5xx hardening guide.\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\nPlease make sure that you apply general security practices when operating the LMS5xx. The\nfollowing General Security Practices and Operating Guidelines could mitigate the associated security\nrisk. It is also recommended to apply the security practices listed in the LMS5xx hardening guide.\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.", "supportingMedia": [{"type": "text/html", "value": "A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Cleartext Transmission of Sensitive Information"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2023-08-24T18:11:39.312Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4420", "state": "PUBLISHED", "dateUpdated": "2024-10-02T20:00:43.779Z", "dateReserved": "2023-08-18T13:09:48.275Z", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "datePublished": "2023-08-24T18:11:39.312Z", "assignerShortName": "SICK AG"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:lms531_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5943B624-D730-4679-8118-CD29CFB4CD1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:lms531:-:*:*:*:*:*:*:*", "matchCriteriaId": "44AF5B79-0A15-4195-80F3-7304D8000D1A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F113FA6F-F3CC-43C7-97A4-D40F8F1F5E9F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*", "matchCriteriaId": "9ABE387A-9B29-43DE-A4F1-EDD3CB8BEB6F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:lms500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DF24DAB-D1E4-4B14-B9CE-BFB52F9BDBC7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:lms500:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8A37D4F-969C-4496-BD10-13C903A41305", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted."}], "id": "CVE-2023-4420", "lastModified": "2024-11-21T08:35:06.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "psirt@sick.de", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-24T19:15:43.183", "references": [{"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json"}, {"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf"}, {"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}], "sourceIdentifier": "psirt@sick.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-311"}], "source": "nvd@nist.gov", "type": "Primary"}]}