CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4420

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.1%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2023-4420

Sick » Lms500 » Version: N/A

cpe:2.3:h:sick:lms500:-
Sick » Lms511 » Version: N/A

cpe:2.3:h:sick:lms511:-
Sick » Lms531 » Version: N/A

cpe:2.3:h:sick:lms531:-
Sick » Lms500 Firmware » Version: N/A

cpe:2.3:o:sick:lms500_firmware:-
Sick » Lms511 Firmware » Version: N/A

cpe:2.3:o:sick:lms511_firmware:-
Sick » Lms511 Firmware » Version: 2.30

cpe:2.3:o:sick:lms511_firmware:2.30
Sick » Lms531 Firmware » Version: N/A

cpe:2.3:o:sick:lms531_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4420

Products

Pricing

Contact Us