VYPR

ICR890-4

by SICK AG

CVEs (8)

  • CVE-2023-3271HigJul 10, 2023
    risk 0.53cvss 8.2epss 0.01

    Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.

  • CVE-2023-3273HigJul 10, 2023
    risk 0.49cvss 7.5epss 0.01

    Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.

  • CVE-2023-3272HigJul 10, 2023
    risk 0.49cvss 7.5epss 0.00

    Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.

  • CVE-2023-35696HigJul 10, 2023
    risk 0.49cvss 7.5epss 0.01

    Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.

  • CVE-2023-35699MedJul 10, 2023
    risk 0.34cvss 5.3epss 0.00

    Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.

  • CVE-2023-35698MedJul 10, 2023
    risk 0.34cvss 5.3epss 0.01

    Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

  • CVE-2023-35697MedJul 10, 2023
    risk 0.34cvss 5.3epss 0.01

    Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

  • CVE-2023-3270Jul 10, 2023
    risk 0.00cvss epss 0.01

    Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.