What is CVE-2023-23445?

CVE-2023-23445 is a high-severity vulnerability in Sick Ftmg-esd15axx, classified under Improper Access Control. CVSS score: 7.5/10. Published 2023-05-15.

How severe is CVE-2023-23445?

High severity. CVSS v3 base score is 7.5 out of 10.

Auth bypass in Sick Ftmg-esd15axx

CVE-2023-23445

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpr…

EPSS: 0.004 (61.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Sick Ftmg-esd15axx
Sick Ftmg-esd15axx_firmware
Sick Ftmg-esd20axx
Sick Ftmg-esd20axx_firmware
Sick Ftmg-esd25axx
Sick Ftmg-esd25axx_firmware
Sick Ftmg-esn40sxx
Sick Ftmg-esn40sxx_firmware
Sick Ftmg-esn50sxx
Sick Ftmg-esn50sxx_firmware

Weakness classification (CWE)

CWE-284 — Improper Access Control
CWE-863 — Incorrect Authorization

References

psirt@sick.de (issue-tracking, Vendor Advisory)
psirt@sick.de (vendor-advisory, Vendor Advisory)
psirt@sick.de (x_csaf, Vendor Advisory)

Frequently asked questions

What is CVE-2023-23445?: CVE-2023-23445 is a high-severity vulnerability in Sick Ftmg-esd15axx, classified under Improper Access Control. CVSS score: 7.5/10. Published 2023-05-15.
How severe is CVE-2023-23445?: High severity. CVSS v3 base score is 7.5 out of 10.