Cleartext Transmission Vulnerability in SICK ICR890-4
CVE-2023-3272

7.5HIGH

Key Information:

Vendor
Sick Ag
Status
Icr890-4
Vendor
CVE Published:
10 July 2023

Summary

The SICK ICR890-4 is susceptible to vulnerabilities related to cleartext transmission of sensitive information. Remote attackers can potentially intercept unencrypted network traffic, leading to unauthorized access to confidential data. This lack of encryption in network communications poses a significant security risk, as it allows malicious entities to exploit the system for sensitive information. Organizations using the ICR890-4 are urged to implement measures to secure their network traffic and ensure data privacy.

Affected Version(s)

ICR890-4 0

References

https://sick.com/psirt
issue-tracking
https://sick.com/.well-known/csaf/white/2023/sca-2023-000...
vendor-advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-000...
x_csaf

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.