Unauthenticated Remote Attack to Influence Device Availability via UDP Packet Broadcast

Unauthenticated Remote Attack to Influence Device Availability via UDP Packet Broadcast

CVE-2023-23444 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.

Learn more about our Web Application Penetration Testing UK.