CVE-2023-23444 (GCVE-0-2023-23444)

Vulnerability from cvelistv5 – Published: 2023-05-12 12:39 – Updated: 2026-06-01 12:19
VLAI
Summary
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
Severity
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • Missing Authentication for Critical Function
  • CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
SICK AG UE410-EN3 FLEXI ETHERNET GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG UE410-EN1 FLEXI ETHERNET GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG UE410-EN4 FLEXI ETHERNET GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00000 FLEXISOFT EIP GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GMOD00000 FLEXISOFT MOD GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00000 FLEXISOFT PNET GATEW. Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GMOD00010 FLEXISOFT MOD GW (C) Affected: all firmware versions
Create a notification for this product.
SICK AG FX3-GEPR00000 FLEXISOFT EFI-PRO GW Affected: all firmware versions
Create a notification for this product.
SICK AG FX3-GEPR00010 FLEXISOFT EFI-PRO GW Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00000 FLEXISOFT ETC GW Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00040 FLEXISOFT ETC GW Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00010 FLEXISOFT ETC GW (C) Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00010 FLEXISOFT EIP GW (C) Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00010 FLEXISOFT PNET GW (C) Affected: all firmware versions
Create a notification for this product.
SICK AG UE410-EN3 FLEXI ETHERNET GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG UE410-EN1 FLEXI ETHERNET GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG UE410-EN4 FLEXI ETHERNET GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GMOD00010 FLEXISOFT MOD GW (C) Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX3-GEPR00000 FLEXISOFT EFI-PRO GW Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX3-GEPR00010 FLEXISOFT EFI-PRO GW Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00000 FLEXISOFT ETC GW Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00040 FLEXISOFT ETC GW Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GETC00010 FLEXISOFT ETC GW (C) Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GENT00010 FLEXISOFT EIP GW (C) Firmware Affected: all firmware versions
Create a notification for this product.
SICK AG FX0-GPNT00010 FLEXISOFT PNET GW (C) Firmware Affected: all firmware versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:28:41.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://sick.com/psirt"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
          },
          {
            "tags": [
              "x_csaf",
              "x_transferred"
            ],
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23444",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-24T16:15:46.625483Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-306",
                "description": "CWE-306 Missing Authentication for Critical Function",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-24T16:16:26.175Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "UE410-EN3 FLEXI ETHERNET GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "UE410-EN1 FLEXI ETHERNET GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "UE410-EN4 FLEXI ETHERNET GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00000 FLEXISOFT EIP GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00000 FLEXISOFT MOD GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00000 FLEXISOFT PNET GATEW.",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00010 FLEXISOFT MOD GW (C)",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00000 FLEXISOFT EFI-PRO GW",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00010 FLEXISOFT EFI-PRO GW",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00000 FLEXISOFT ETC GW",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00040 FLEXISOFT ETC GW",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00010 FLEXISOFT ETC GW (C)",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00010 FLEXISOFT EIP GW (C)",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00010 FLEXISOFT PNET GW (C)",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "UE410-EN3 FLEXI ETHERNET GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "UE410-EN1 FLEXI ETHERNET GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "UE410-EN4 FLEXI ETHERNET GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GMOD00010 FLEXISOFT MOD GW (C) Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00000 FLEXISOFT EFI-PRO GW Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX3-GEPR00010 FLEXISOFT EFI-PRO GW Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00000 FLEXISOFT ETC GW Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00040 FLEXISOFT ETC GW Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GETC00010 FLEXISOFT ETC GW (C) Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GENT00010 FLEXISOFT EIP GW (C) Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "FX0-GPNT00010 FLEXISOFT PNET GW (C) Firmware",
          "vendor": "SICK AG",
          "versions": [
            {
              "status": "affected",
              "version": "all firmware versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets."
            }
          ],
          "value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Missing Authentication for Critical Function",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-01T12:19:07.455Z",
        "orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
        "shortName": "SICK AG"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://sick.com/psirt"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf"
        },
        {
          "tags": [
            "x_csaf"
          ],
          "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk."
            }
          ],
          "value": "Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
    "assignerShortName": "SICK AG",
    "cveId": "CVE-2023-23444",
    "datePublished": "2023-05-12T12:39:26.532Z",
    "dateReserved": "2023-01-12T04:07:53.938Z",
    "dateUpdated": "2026-06-01T12:19:07.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-23444",
      "date": "2026-06-03",
      "epss": "0.00885",
      "percentile": "0.75797"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-23444\",\"sourceIdentifier\":\"psirt@sick.de\",\"published\":\"2023-05-12T13:15:09.350\",\"lastModified\":\"2025-01-24T17:15:10.457\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@sick.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3BEC1A-8FFB-47E6-A874-783A02593844\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"593FA8EA-007A-47C0-9F22-89E420BBE0D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC9ADCE-3CEE-4FFD-894A-B8F9073C58CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F4C5D33-6A97-4509-8151-65D79F03F18A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"598DD1E1-DF04-4C3D-9628-B57C653F4FAD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9447F86A-5967-4C97-AF69-369EF2BD2052\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CABEFF4-C0A4-4054-8174-7B3762BC0C3F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00770E9A-64BC-4440-A921-49ECD5C5986D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B6F37A-78EE-4D1F-ACAE-FDE864F847B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30BF991A-B66F-48B3-8902-D50C3B38A30D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF3BF752-4F49-4E90-9790-1913ED64D8B3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"925AD219-B3D3-42B6-99E6-E97298AE0A4C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97742720-A8E3-49FE-BE43-EFF720F3D52D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E87CA0E-7749-4F1E-B30B-78183ACF3170\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D96296E7-65D3-4C0A-8126-4AA8BEF85B39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"896EDB87-DB8E-4D82-83EB-65403F23FEB7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1809BCF9-541E-4348-87A3-4CB37D680704\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61689FA0-FB90-4E9F-B500-AADCF8D827BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBAC00EB-BB15-4A65-A58D-B3015F7CFF85\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8B658A-49DD-4F7C-9A20-191C8F6F3D8F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB590A4-F5E4-4A17-B5A6-33A995C96BAB\"}]}]}],\"references\":[{\"url\":\"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json\",\"source\":\"psirt@sick.de\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf\",\"source\":\"psirt@sick.de\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sick.com/psirt\",\"source\":\"psirt@sick.de\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sick.com/psirt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://sick.com/psirt\", \"tags\": [\"issue-tracking\", \"x_transferred\"]}, {\"url\": \"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json\", \"tags\": [\"x_csaf\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T10:28:41.054Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-23444\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-24T16:15:46.625483Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-24T16:15:51.465Z\"}}], \"cna\": {\"source\": {\"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SICK AG\", \"product\": \"UE410-EN3 FLEXI ETHERNET GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"UE410-EN1 FLEXI ETHERNET GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"UE410-EN4 FLEXI ETHERNET GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00000 FLEXISOFT EIP GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GMOD00000 FLEXISOFT MOD GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00000 FLEXISOFT PNET GATEW.\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00030 FLEXISOFT EIP GATEW.V2\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00030 FLEXISOFT PNET GATEW.V2\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GMOD00010 FLEXISOFT MOD GW (C)\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX3-GEPR00000 FLEXISOFT EFI-PRO GW\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX3-GEPR00010 FLEXISOFT EFI-PRO GW\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00000 FLEXISOFT ETC GW\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00040 FLEXISOFT ETC GW\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00010 FLEXISOFT ETC GW (C)\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00010 FLEXISOFT EIP GW (C)\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00010 FLEXISOFT PNET GW (C)\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"UE410-EN3 FLEXI ETHERNET GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"UE410-EN1 FLEXI ETHERNET GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"UE410-EN4 FLEXI ETHERNET GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00000 FLEXISOFT EIP GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GMOD00000 FLEXISOFT MOD GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00000 FLEXISOFT PNET GATEW. Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GMOD00010 FLEXISOFT MOD GW (C) Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX3-GEPR00000 FLEXISOFT EFI-PRO GW Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX3-GEPR00010 FLEXISOFT EFI-PRO GW Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00000 FLEXISOFT ETC GW Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00040 FLEXISOFT ETC GW Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GETC00010 FLEXISOFT ETC GW (C) Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GENT00010 FLEXISOFT EIP GW (C) Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"SICK AG\", \"product\": \"FX0-GPNT00010 FLEXISOFT PNET GW (C) Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"all firmware versions\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://sick.com/psirt\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json\", \"tags\": [\"x_csaf\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"a6863dd2-93fc-443d-bef1-79f0b5020988\", \"shortName\": \"SICK AG\", \"dateUpdated\": \"2026-06-01T12:19:07.455Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-23444\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-01T12:19:07.455Z\", \"dateReserved\": \"2023-01-12T04:07:53.938Z\", \"assignerOrgId\": \"a6863dd2-93fc-443d-bef1-79f0b5020988\", \"datePublished\": \"2023-05-12T12:39:26.532Z\", \"assignerShortName\": \"SICK AG\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.