What is CVE-2023-23450?

CVE-2023-23450 is a medium-severity vulnerability in Sick Ftmg-esd15axx, classified under CWE-836. CVSS score: 6.2/10. Published 2023-05-15.

How severe is CVE-2023-23450?

Medium severity. CVSS v3 base score is 6.2 out of 10.

Auth bypass in Sick Ftmg-esd15axx

CVE-2023-23450

Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead o…

EPSS: 0.005 (67.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Sick Ftmg-esd15axx
Sick Ftmg-esd15axx_firmware
Sick Ftmg-esd20axx
Sick Ftmg-esd20axx_firmware
Sick Ftmg-esd25axx
Sick Ftmg-esd25axx_firmware
Sick Ftmg-esn40sxx
Sick Ftmg-esn40sxx_firmware
Sick Ftmg-esn50sxx
Sick Ftmg-esn50sxx_firmware

Weakness classification (CWE)

CWE-836
CWE-287 — Improper Authentication

References

psirt@sick.de (issue-tracking, Vendor Advisory)
psirt@sick.de (vendor-advisory, Vendor Advisory)
psirt@sick.de (x_csaf, Vendor Advisory)

Frequently asked questions

What is CVE-2023-23450?: CVE-2023-23450 is a medium-severity vulnerability in Sick Ftmg-esd15axx, classified under CWE-836. CVSS score: 6.2/10. Published 2023-05-15.
How severe is CVE-2023-23450?: Medium severity. CVSS v3 base score is 6.2 out of 10.