VYPR

Vendor CVEs

SICK AG

All CVEs

83 total · sorted by risk
  • CVE-2025-27593 · Critical · Mar 14, 2025
    risk 0.60 · cvss 9.3 · epss 0.00

    The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.

  • CVE-2025-0593 · High · Feb 14, 2025
    risk 0.57 · cvss 8.8 · epss 0.01

    The vulnerability may allow a remote low-privileged attacker to run arbitrary shell commands by using lower-level functions to interact with the device.

  • CVE-2024-11075 · High · Nov 19, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. Exploiting…

  • CVE-2023-3271 · High · Jul 10, 2023
    risk 0.53 · cvss 8.2 · epss 0.01

    Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.

  • CVE-2024-8751 · High · Sep 12, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP address over Sopas ET. This can lead to Denial of Service. Users are recommended to upgrade both MSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this…

  • CVE-2023-3273 · High · Jul 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address, because access control is missing.

  • CVE-2023-3272 · High · Jul 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.00

    Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.

  • CVE-2023-35696 · High · Jul 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.

  • CVE-2023-23447 · High · May 15, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invoking several open file requests via the REST…

  • CVE-2023-23446 · High · May 15, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using an otherwise unprivileged account via the REST interface.

  • CVE-2023-23445 · High · May 15, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using an otherwise unprivileged account via the REST interface.

  • CVE-2024-10774 · High · Dec 6, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication.

  • CVE-2023-23450 · Medium · May 15, 2023
    risk 0.40 · cvss 6.2 · epss 0.01

    Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid…

  • CVE-2023-31409 · Medium · May 15, 2023
    risk 0.35 · cvss 5.3 · epss 0.01

    Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to influence the availability of the webserver by invoking a Slowloris-style attack via HTTP requests.

  • CVE-2025-32472 · Medium · Apr 28, 2025
    risk 0.34 · cvss 5.3 · epss 0.01

    The multiScan and picoScan are vulnerable to a denial-of-service (DoS) attack. A remote attacker can exploit this vulnerability by conducting a Slowloris-type attack, causing the web page to become unresponsive.

  • CVE-2023-35699 · Medium · Jul 10, 2023
    risk 0.34 · cvss 5.3 · epss 0.00

    Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing an SD card.

  • CVE-2023-35698 · Medium · Jul 10, 2023
    risk 0.34 · cvss 5.3 · epss 0.01

    Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

  • CVE-2023-35697 · Medium · Jul 10, 2023
    risk 0.34 · cvss 5.3 · epss 0.01

    Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

  • CVE-2023-31408 · Medium · May 15, 2023
    risk 0.34 · cvss 5.3 · epss 0.00

    Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to potentially steal user credentials that are stored in the user’s browser local storage via…

  • CVE-2023-23449 · Medium · May 15, 2023
    risk 0.34 · cvss 5.3 · epss 0.01

    Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.

  • CVE-2023-23448 · Medium · May 15, 2023
    risk 0.34 · cvss 5.3 · epss 0.01

    Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code.

  • CVE-2026-22646 · Jan 15, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the…

  • CVE-2026-22645 · Jan 15, 2026
    risk 0.00 · cvss n/a · epss 0.00

    The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.

  • CVE-2026-22644 · Jan 15, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Certain requests pass the authentication token in the URL as a query string parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.

  • CVE-2025-58579 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable to user enumeration.

  • CVE-2025-58591 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    A remote, unauthorized attacker can brute-force folder and file names and read the files found, such as private keys or configuration files, making the application vulnerable to the gathering of sensitive information.

  • CVE-2025-58590 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    It is possible to brute-force folder and file names, which an attacker can use to steal sensitive information.

  • CVE-2025-58589 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker thus receives information about the technology used and the structure of the application.

  • CVE-2025-58587 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The application does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it possible for an attacker to guess user credentials.

  • CVE-2025-58586 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.

  • CVE-2025-58585 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering.

  • CVE-2025-58584 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed…

  • CVE-2025-9914 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The credentials of the users stored in the system's local database can be used for login, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.

  • CVE-2025-9913 · Oct 6, 2025
    risk 0.00 · cvss n/a · epss 0.00

    JavaScript can be run inside the address bar via the dashboard "Open in new Tab" button, making the application vulnerable to session hijacking.

  • CVE-2025-49193 · Jun 12, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The application fails to implement several security headers. These headers help increase the overall security level of the web application by, e.g., preventing the application from being displayed in an iframe (Clickjacking attacks) or not executing injected malicious JavaScript code…

  • CVE-2025-49186 · Jun 12, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.

  • CVE-2025-49184 · Jun 12, 2025
    risk 0.00 · cvss n/a · epss 0.00

    A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.

  • CVE-2023-5246 · Oct 23, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the…

  • CVE-2023-5103 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe.

  • CVE-2023-5102 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests.

  • CVE-2023-5101 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests.

  • CVE-2023-5100 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted.

  • CVE-2023-43698 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the client's browser via injecting code into the website.

  • CVE-2023-43699 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited.

  • CVE-2023-43700 · Oct 9, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that do not require authentication.

  • CVE-2023-5288 · Sep 29, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device.

  • CVE-2023-31412 · Aug 24, 2023
    risk 0.00 · cvss n/a · epss 0.00

    The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashes. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.

  • CVE-2023-4420 · Aug 24, 2023
    risk 0.00 · cvss n/a · epss 0.00

    A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive…

  • CVE-2023-4419 · Aug 24, 2023
    risk 0.00 · cvss n/a · epss 0.01

    The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and/or disrupt the functionality of the device.

  • CVE-2023-4418 · Aug 24, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A remote unprivileged attacker can send multiple packets to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DoS) attack. By exploiting this vulnerability, an attacker can flood the targeted LMS5xx with a high volume of TCP SYN requests,…
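Worked example for the top entry, CVE-2025-27593 (missing download verification checks on SDD Device Driver downloads). This is an added illustration, not SICK code: the page does not describe how SDD packages are fetched or signed, so the pinned manifest, artifact name, size limit and installer callback below are constructed for the demo. It shows the gate a client needs before it executes anything it downloaded: refuse unknown artifacts, cap the size before hashing, compare the digest in constant time, and hand the installer the exact bytes that were verified.

```python
"""Verify a downloaded artifact against a pinned manifest before installing it.

Added illustration for CVE-2025-27593 (missing download verification), not
vendor code. The manifest, artifact name and installer are constructed.
"""
import hashlib
import hmac

MAX_ARTIFACT_BYTES = 64 * 1024 * 1024   # constructed cap: reject oversized downloads before hashing

# Constructed manifest. In a real client this table ships with the software or is
# covered by a signature the client checks; it is never fetched next to the artifact.
PINNED = {
    "sdd-driver-1.4.2.zip": hashlib.sha256(b"constructed driver package bytes v1.4.2").hexdigest(),
}


class VerificationError(Exception):
    """Raised when a download must not be installed."""


def verify_artifact(name, data, manifest=PINNED):
    """Return `data` only if its SHA-256 matches the pinned digest for `name`."""
    if name not in manifest:
        raise VerificationError(f"{name}: not in manifest, refusing unknown artifact")
    if len(data) > MAX_ARTIFACT_BYTES:
        raise VerificationError(f"{name}: {len(data)} bytes exceeds the size limit")
    digest = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(digest, manifest[name]):
        raise VerificationError(f"{name}: digest mismatch (got {digest[:16]}...)")
    return data   # install from these bytes, not from a path that could be swapped afterwards


def install_update(name, data, installer):
    """Fetch-then-verify-then-install: the installer never sees unverified bytes."""
    try:
        verified = verify_artifact(name, data)
    except VerificationError as err:
        return ("rejected", str(err))
    installer(verified)
    return ("installed", name)


if __name__ == "__main__":
    sample = b"constructed driver package bytes v1.4.2"
    print(install_update("sdd-driver-1.4.2.zip", sample, lambda b: None))
    print(install_update("sdd-driver-1.4.2.zip", sample + b"\x00", lambda b: None))
```

A pinned digest table is the minimal form of the check; the usual design signs the manifest (or the package itself) with a vendor key so that new versions can be published without re-shipping the client. The important property is the same either way: the bytes that are executed are the bytes that passed verification.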
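Worked example for the authentication weaknesses that recur in this listing: distinct failure messages that enumerate usernames (CVE-2023-23449, CVE-2023-35698, CVE-2025-58586), no limit on failed attempts (CVE-2023-35697, CVE-2023-43699, CVE-2025-49186, CVE-2025-58587), weak unsalted hashing (CVE-2023-31412) and a stored hash that is itself accepted as the credential (CVE-2023-23450). This is an added illustration, not SICK code, and it does not reproduce any product's login handler: the user store, salt derivation, PBKDF2 iteration count, lockout threshold and window are constructed for the demo.

```python
"""A login handler with the listed weaknesses beside a hardened one.

Added illustration for this CVE listing, not vendor code. User store, salts,
iteration count and lockout parameters are constructed.
"""
import hashlib
import hmac
import time
from collections import defaultdict


class VulnerableLogin:
    """Distinct error per failure cause, unsalted MD5, and the hash accepted as a password."""

    def __init__(self):
        self.users = {"admin": hashlib.md5(b"Sensor#2023").hexdigest()}   # constructed account

    def login(self, username, secret):
        if username not in self.users:
            return "unknown user"                  # tells the caller the name does not exist
        stored = self.users[username]
        # Either the password or its hash unlocks the account, so a captured
        # hash is a reusable credential and the hash itself is cheap to brute-force.
        if secret == stored or hashlib.md5(secret.encode()).hexdigest() == stored:
            return "ok"
        return "wrong password"                    # and this one confirms the name exists


class HardenedLogin:
    """One failure message, the same PBKDF2 work on every path, salted hashes,
    and a sliding window of recent failures per username."""
    ITERATIONS = 50_000   # constructed; tune to the device's CPU budget

    def __init__(self, credentials, max_failures=5, window_seconds=60):
        self.users = {}
        for name, password in credentials.items():
            # Deterministic salt so the demo is reproducible; use os.urandom(16) in production.
            salt = hashlib.sha256(b"demo-salt:" + name.encode()).digest()
            self.users[name] = (salt, self._derive(password, salt))
        # Decoy record: unknown users cost exactly one PBKDF2 derivation, like known ones.
        self._decoy = (b"\x00" * 32, self._derive("decoy", b"\x00" * 32))
        self.max_failures = max_failures
        self.window = window_seconds
        self.failures = defaultdict(list)

    @classmethod
    def _derive(cls, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, cls.ITERATIONS)

    def login(self, username, password, now=None):
        now = time.monotonic() if now is None else now
        recent = [t for t in self.failures[username] if now - t < self.window]
        self.failures[username] = recent
        locked = len(recent) >= self.max_failures

        salt, expected = self.users.get(username, self._decoy)
        candidate = self._derive(password, salt)                      # same work on every branch
        valid = hmac.compare_digest(candidate, expected) and username in self.users

        if valid and not locked:
            self.failures[username].clear()
            return "ok"
        self.failures[username].append(now)
        return "invalid credentials"   # identical for unknown user, wrong password and lockout


if __name__ == "__main__":
    weak = VulnerableLogin()
    print(weak.login("nobody", "x"), "/", weak.login("admin", "x"))
    strong = HardenedLogin({"admin": "Sensor#2023"})
    print(strong.login("nobody", "x"), "/", strong.login("admin", "x"))
```

The decoy record matters as much as the message text: if unknown usernames skip the key derivation, the response time alone separates them from real ones. A per-username window, on its own, lets an attacker lock legitimate users out by spamming failures, so in practice it is paired with per-source throttling and backoff rather than used alone.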
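Worked example for CVE-2025-58584 and CVE-2026-22644 (username, password or session token carried as URL query parameters, where server logs, proxy logs and Referer headers retain them). This is an added detection illustration, not SICK code: it scans access-log lines in the Apache/nginx "combined" format for credential-looking parameter names in both the request URI and the Referer field, and produces a redacted copy of the offending URL. The four log lines and the parameter-name list are constructed for the demo.

```python
"""Find credentials and tokens leaked through URLs in web server access logs.

Added illustration for CVE-2025-58584 / CVE-2026-22644, not vendor code.
The log lines below are constructed in combined log format.
"""
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

COMBINED = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) (?P<proto>\S+)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed starting list of parameter names that should never appear in a URL.
SENSITIVE = re.compile(
    r"(pass(word|wd)?|pwd|secret|token|api[_-]?key|auth|session(id)?|sid)$", re.I
)


def sensitive_params(url):
    """Names of query parameters in `url` that look like credentials or session tokens."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [key for key, _ in pairs if SENSITIVE.search(key)]


def redact(url):
    """Replace the values of sensitive parameters so the line can be kept for forensics."""
    parts = urlsplit(url)
    pairs = [(k, "REDACTED" if SENSITIVE.search(k) else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def scan(lines):
    """One finding per (line, field) where the request URI or Referer carries a sensitive parameter."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = COMBINED.match(line)
        if not match:
            continue                                 # not combined format; a real scanner would count these
        for field in ("uri", "referer"):
            hits = sensitive_params(match.group(field))
            if hits:
                findings.append({
                    "line": number,
                    "src": match.group("src"),
                    "where": field,
                    "params": hits,
                    "redacted": redact(match.group(field)),
                })
    return findings


# Constructed sample log: two leaks in request URIs, one in a Referer, one clean POST.
SAMPLE_LOG = [
    '10.0.0.5 - - [06/Oct/2025:09:12:01 +0000] "GET /api/login?user=alice&password=s3cret HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [06/Oct/2025:09:12:02 +0000] "GET /api/config?scope=network HTTP/1.1" 200 2048 "https://hmi.local/dashboard?access_token=eyJhbGciOi.abc.def" "Mozilla/5.0"',
    '10.0.0.9 - - [06/Oct/2025:09:13:40 +0000] "POST /api/login HTTP/1.1" 200 128 "-" "curl/8.4"',
    '10.0.0.9 - - [06/Oct/2025:09:13:41 +0000] "GET /api/export?format=csv&token=a1b2c3 HTTP/1.1" 200 9000 "-" "curl/8.4"',
]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding["line"], finding["src"], finding["where"], finding["params"], finding["redacted"])
```

The fix on the application side is to move secrets out of the URL: credentials in a POST body over TLS, tokens in an Authorization header or a cookie with the HttpOnly and Secure flags. The scanner is still useful afterwards, because proxies and browser histories keep old lines and the Referer leak in line 2 comes from a third party's page, not from the device itself.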
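Worked example for the Slowloris-style denial of service in CVE-2023-31409 and CVE-2025-32472. A Slowloris client opens a connection, sends request headers a few bytes at a time and never finishes, so a server that waits indefinitely for the end of the headers runs out of connection slots. The standard mitigation is a per-connection read timeout, and the added example below shows it on Python's stdlib HTTP server: one instance drops a stalled client, the other (the weak configuration) keeps waiting. This is an added illustration, not SICK code or a reproduction of the affected web servers; both servers bind 127.0.0.1 on an ephemeral port, and the one-second timeout and two-second stall are constructed values.

```python
"""Slowloris mitigation: a per-connection read timeout on the HTTP server.

Added illustration for CVE-2023-31409 and CVE-2025-32472, not vendor code.
Both servers listen on 127.0.0.1 with an ephemeral port; timeout and stall
lengths are constructed for the demo.
"""
import http.server
import socket
import threading
import time


class TimeoutHandler(http.server.BaseHTTPRequestHandler):
    """Drops a client that has not finished its headers within `timeout` seconds."""
    timeout = 1.0   # StreamRequestHandler.setup() applies this to the connection socket

    def do_GET(self):
        body = b"ok\n"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, format, *args):   # keep the demo quiet
        pass


class NoTimeoutHandler(TimeoutHandler):
    """The weak configuration: the server waits forever for the rest of the request."""
    timeout = None


def start_server(handler):
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def slow_client_was_dropped(port, hold_seconds=2.0):
    """Send an incomplete header block, stall, then report whether the server closed on us."""
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.sendall(b"GET / HTTP/1.1\r\nHost: sensor.local\r\nX-Slow: 1\r\n")   # no terminating blank line
        time.sleep(hold_seconds)
        s.settimeout(0.5)
        try:
            return s.recv(1024) == b""     # EOF: the server closed the connection
        except socket.timeout:
            return False                   # still open: the server is waiting on us
        except OSError:
            return True                    # connection reset by the server


def fast_client_status(port):
    """A well-behaved request must still succeed on the hardened server."""
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.sendall(b"GET / HTTP/1.1\r\nHost: sensor.local\r\n\r\n")
        s.settimeout(2.0)
        return int(s.recv(4096).split(b" ")[1])


def run_demo():
    """Exercise both servers; returns the three observations the test checks."""
    hardened, hardened_port = start_server(TimeoutHandler)
    weak, weak_port = start_server(NoTimeoutHandler)
    try:
        return {
            "hardened_fast_status": fast_client_status(hardened_port),
            "hardened_dropped_slow": slow_client_was_dropped(hardened_port),
            "weak_dropped_slow": slow_client_was_dropped(weak_port),
        }
    finally:
        for srv in (hardened, weak):
            srv.shutdown()
            srv.server_close()


if __name__ == "__main__":
    print(run_demo())
```

A header timeout alone is not the whole defence: an attacker can reconnect as fast as the server drops them, so production servers also cap concurrent connections per source address and bound the total header size (nginx's client_header_timeout and Apache's mod_reqtimeout are the equivalents of the `timeout` attribute above). On a sensor with a small embedded web server, the cheaper fix is often to front it with a reverse proxy that enforces those limits.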

Page 1 of 2