CVE-2022-27583

Published: Oct 31, 2022Modified: May 7, 2025

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact.

Affected (2)

Products: Sick: Flx3 Cpuc1 Firmware, Flx3 Cpuc2 Firmware

Sick

2 products

Flx3 Cpuc1 Firmware

Flx3 Cpuc2 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Flx3 Cpuc1 Firmware	Before 1.10.0

Running on/with	Platform Versions
Sick Flx3 Cpuc1	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sick Flx3 Cpuc2 Firmware	Before 1.10.0

Running on/with	Platform Versions
Sick Flx3 Cpuc2	All versions

Related CWEs

CWE-285

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://sick.com/psirt

Source: psirt@sick.de

Vendor Advisory

https://sick.com/psirt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.