SCA-2023-0006
Vulnerability from csaf_sick - Published: 2023-07-10 13:00 - Updated: 2023-07-10 13:00Summary
Vulnerabilities in SICK ICR890-4
Notes
SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the vulnerabilities.
SICK has released a new version of the SICK ICR890-4 firmware and recommends updating to the latest version.
General Security Measures: As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification: SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.
Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthetnticated remote attacker to retrieve sensitive information about the system.
8.6 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Workaround
|
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.
8.2 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Vendor Fix
|
Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Workaround
|
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Workaround
|
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0005 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Vendor Fix
|
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Vendor Fix
|
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Vendor Fix
|
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-0004 | — |
Mitigation
|
References
6 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the vulnerabilities. \n\nSICK has released a new version of the SICK ICR890-4 firmware and recommends updating to the latest version."
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Security Measures"
},
{
"category": "general",
"text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
"title": "Vulnerability Classification"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://www.sick.com/psirt"
},
{
"summary": "SICK Operating Guidelines",
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
},
{
"category": "self",
"summary": "The canonical PDF URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
}
],
"title": "Vulnerabilities in SICK ICR890-4",
"tracking": {
"current_release_date": "2023-07-10T13:00:00.000Z",
"generator": {
"date": "2023-12-04T10:33:21.417Z",
"engine": {
"name": "Secvisogram",
"version": "2.2.16"
}
},
"id": "SCA-2023-0006",
"initial_release_date": "2023-07-10T13:00:00.000Z",
"revision_history": [
{
"date": "2023-07-10T13:00:00.000Z",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2023-12-04T11:00:00.000Z",
"number": "2",
"summary": "Added self reference in CSAF"
},
{
"date": "2025-07-30T07:30:00.000Z",
"number": "3",
"summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK ICR890-4 all versions",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"x_generic_uris": [
{
"namespace": "SICK:Website",
"uri": "SICK:Website:https://www.sick.com/de/de/systemloesungen/track-and-trace-systeme/icr-identification-system/c/g555825"
}
]
}
}
}
],
"category": "product_name",
"name": "ICR890-4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.5.0",
"product": {
"name": "SICK ICR890-4 Firmware \u003cV2.5.0",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version",
"name": "V2.5.0",
"product": {
"name": "SICK ICR890-4 Firmware V2.5.0",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "ICR890-4 Firmware"
}
],
"category": "vendor",
"name": "SICK AG"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "SICK ICR890-4 with Firmware \u003cV2.5.0",
"product_id": "CSAFPID-0004"
},
"product_reference": "CSAFPID-0002",
"relates_to_product_reference": "CSAFPID-0001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK ICR890-4 all versions with Firmware V2.5.0",
"product_id": "CSAFPID-0005"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3270",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthetnticated remote attacker to retrieve sensitive information about the system.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "workaround",
"details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.6,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.6,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Exposure of Sensitive Information to an Unauthorized Actor in SICK ICR890-4"
},
{
"cve": "CVE-2023-3271",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "description",
"text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Improper Access Control in SICK ICR890-4"
},
{
"cve": "CVE-2023-3272",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "description",
"text": "Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "workaround",
"details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Cleartext Transmission of Sensitive Information in SICK ICR890-4"
},
{
"cve": "CVE-2023-3273",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "description",
"text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "workaround",
"details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Improper Access Control in SICK ICR890-4"
},
{
"cve": "CVE-2023-35696",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "description",
"text": "Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0005"
],
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Exposure of Resource to Wrong Sphere in SICK ICR890-4"
},
{
"cve": "CVE-2023-35697",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"category": "description",
"text": "Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Improper Restriction of Excessive Authentication Attempts in SICK ICR890-4"
},
{
"cve": "CVE-2023-35698",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "description",
"text": "Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Observable Response Discrepancy in SICK ICR890-4"
},
{
"cve": "CVE-2023-35699",
"cwe": {
"id": "CWE-313",
"name": "Cleartext Storage in a File or on Disk"
},
"notes": [
{
"category": "description",
"text": "Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Please make sure that you apply general security practices when operating the SICK ICR890-4 like restricting physical access to the device.\nThe following general security practices could mitigate the associated security risk. \n",
"product_ids": [
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004"
]
}
],
"title": "Cleartext Storage in a File or on Disk in SICK ICR890-4"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…