CVE-2020-2075

Published: Aug 31, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

Affected (32)

Products: Sick: Lms111 Firmware, Lms511 Firmware, Clv620 Firmware, Clv622 Firmware, Clv621 Firmware, Icr890 3 Firmware, Msc800 Firmware, Rfh Firmware, Clv650 Firmware, Clv651 Firmware, Clv631 Firmware, Clv630 Firmware, Clv632 Firmware, Clv640 Firmware, Clv642 Firmware, Lms100 Firmware, Lms101 Firmware, Lms153 Firmware, Lms151 Firmware, Lms133 Firmware, Lms142 Firmware, Lms143 Firmware, Lms131 Firmware, Lms121 Firmware, Lms123 Firmware, Lms122 Firmware, Lms141 Firmware, Lms531 Firmware, Lms500 Firmware, Icr890 3.5 Firmware

30 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sick Lms111 Firmware	Before 1.04

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Sick Lms511 Firmware	Before 2.30

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv620 Firmware	All versions

Running on/with	Platform Versions
Sick Clv620	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv622 Firmware	All versions

Running on/with	Platform Versions
Sick Clv622	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv621 Firmware	All versions

Running on/with	Platform Versions
Sick Clv621	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Icr890 3 Firmware	All versions

Running on/with	Platform Versions
Sick Icr890 3	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Msc800 Firmware	Before 4.10

Running on/with	Platform Versions
Sick Msc800	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Rfh Firmware	All versions

Running on/with	Platform Versions
Sick Rfh	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv650 Firmware	All versions

Running on/with	Platform Versions
Sick Clv650	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv651 Firmware	All versions

Running on/with	Platform Versions
Sick Clv651	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv631 Firmware	All versions

Running on/with	Platform Versions
Sick Clv631	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv630 Firmware	All versions

Running on/with	Platform Versions
Sick Clv630	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv632 Firmware	All versions

Running on/with	Platform Versions
Sick Clv632	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv640 Firmware	All versions

Running on/with	Platform Versions
Sick Clv640	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Clv642 Firmware	All versions

Running on/with	Platform Versions
Sick Clv642	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms100 Firmware	Before 2.0

Running on/with	Platform Versions
Sick Lms100	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms101 Firmware	Before 2.0

Running on/with	Platform Versions
Sick Lms101	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms111 Firmware	Before 2.0

Running on/with	Platform Versions
Sick Lms111	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms153 Firmware	Before 2.0

Running on/with	Platform Versions
Sick Lms153	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms151 Firmware	Before 2.0

Running on/with	Platform Versions
Sick Lms151	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms133 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms133	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms142 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms142	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms143 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms143	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms131 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms131	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms121 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms121	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms123 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms123	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms122 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms122	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms141 Firmware	Before 2.10

Running on/with	Platform Versions
Sick Lms141	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms511 Firmware	All versions

Running on/with	Platform Versions
Sick Lms511	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms531 Firmware	All versions

Running on/with	Platform Versions
Sick Lms531	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Lms500 Firmware	All versions

Running on/with	Platform Versions
Sick Lms500	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Icr890 3.5 Firmware	All versions

Running on/with	Platform Versions
Sick Icr890 3.5	All versions

Related CWEs

CWE-703

Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

CWE-755

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (2)

https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories

Source: psirt@sick.de

Vendor Advisory

https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.