Cleartext Transmission Vulnerability in SICK ICR890-4
CVE-2023-3272

7.5HIGH

Key Information:

Vendor: Sick Ag
Status: Icr890-4
Vendor: CVE Published:; 10 July 2023

What is CVE-2023-3272?

The SICK ICR890-4 is susceptible to vulnerabilities related to cleartext transmission of sensitive information. Remote attackers can potentially intercept unencrypted network traffic, leading to unauthorized access to confidential data. This lack of encryption in network communications poses a significant security risk, as it allows malicious entities to exploit the system for sensitive information. Organizations using the ICR890-4 are urged to implement measures to secure their network traffic and ensure data privacy.

Affected Version(s)

ICR890-4 0

References

https://sick.com/psirt

issue-tracking

https://sick.com/.well-known/csaf/white/2023/sca-2023-000...

vendor-advisory

https://sick.com/.well-known/csaf/white/2023/sca-2023-000...

x_csaf

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2023
Vulnerability Reserved
Jun 15, 2023

Sick Ag

What is CVE-2023-3272?

Affected Version(s)

References

CVSS V3.1

Timeline