Vulnerabilities affecting SICK TDC-E210GC
SICK has identified multiple vulnerabilities in the SICK TDC-E210GC product. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected. At this time, SICK is not aware of any public exploits specifically targeting these vulnerabilities...
Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4
Several vulnerabilities that can be accessed via Ethernet were discovered in the Endress+Hauser MEAC300-FNADE4...
Vulnerabilities in SICK Package Analytics
SICK received a report about multiple vulnerabilities in the SICK Package Analytics. The vulnerabilities result from the used MySQL database with version 5.7.25. The vulnerable MySQL version includes Buffer-Overflow, Improper Access Control, and Improper Certification Validation vulnerabilities...
Vulnerability affecting picoScan and multiScan
SICK has identified a Denial of Service vulnerability CVE-2025-32472 in picoScan and multiScan, which can cause the web page to become unresponsive. Due to their architectural design, these products are not affected by the other vulnerabilities listed in this advisory. Currently SICK is not aware...
Multiple vulnerabilities in SICK MEAC300
SICK has identified vulnerabilities in MEAC300. These vulnerabilities, related to the OpenSSL library and specific device functionalities, could potentially allow remote, unauthenticated attackers to: 1. Cause a denial of service: Triggering an infinite loop that consumes CPU resources, rendering...
Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics
A critical vulnerability in Apache ActiveMQ affects the SICK products Field Analytics 1.2 and Logistics Analytics products 4.5. The Java OpenWire protocol marshaller that is used in ActiveMQ Classic and ActiveMQ Artemis is vulnerable to Remote Code execution. This vulnerability may allow a remote...
Vulnerabilities affecting Endress+Hauser SSG-E210GC
Several vulnerabilities in the Endress+Hauser SSG-E210GC product were discovered. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected...
OpenSSL vulnerability affects multiple SICK SIMs
In March 2022, the OpenSSL development team disclosed a denial of service in versions "3.0.0," "3.0.1," "1.1.1"-"1.1.1m" and "1.0.2-1.0.2zc" of the OpenSSL library. Exploiting this vulnerability allows remote, unauthenticated attackers to cause an infinite loop. It is possible to trigger the...
Vulnerability affecting SICK nanoScan3 and microScan3
SICK has identified a third-party vulnerability CVE-2025-55093 in the nanoScan3 and microScan3. Only specific variants within the microScan3 and nanoScan3 families are affected by CVE-2025-55093. The underlying issue in the NetX Duo networking module could, under specific conditions, cause the devi...
SICK Security Advisory for Apache Log4j (CVE-2021-44228)
SICK Security Advisory for Apache Log4j CVE-2021-44228...
PwnKit vulnerability affects multiple SICK IPCs
CVE-2021-4034 is a Local Privilege Escalation (LPE) vulnerability, located in the "Polkit" package installed by default on almost every major distribution of the Linux operating system. On 2022-01-25, Qualys released an advisory for this LPE vulnerability, advising to either update the “Polkit”...
MEAC affected by Windows SMBv1 vulnerability
Microsoft disclosed a critical security vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) back in 2017. A successful exploitation of this vulnerability could lead to remote code execution with administrator privileges...
Vulnerabilities affecting SICK LMS1000 and SICK MRS1000
Two vulnerabilities affect the SICK LMS1000 and SICK MRS1000 product families. The vulnerabilities allow the use of weak cryptographic configurations in the SSH service, which may enable an attacker with network access to observe, manipulate, or compromise the integrity of SSH communications. SIC...
Multiple vulnerabilities in SICK Field Analytics and SICK Media Server
SICK has found multiple vulnerabilities in the products SICK Field Analytics and SICK Media Server. The vulnerabilities could potentially affect the confidentiality, integrity and availability of the products. Therefore it is strongly recommended to apply general security practices when operating...
Sudo vulnerability affects Endress+Hauser MCS200HW
The display unit of the Endress+Hauser MCS200HW is affected by a sudo chroot vulnerability...
Vulnerabilities affecting SICK TDC-X401GL
SICK has identified multiple vulnerabilities in the SICK TDC-X401GL product. The vulnerabilities could potentially affect the confidentiality, integrity and availability of the product. Therefore it is strongly recommended to apply general security practices when operating the product. SICK is...
Vulnerabilities affecting SICK Incoming Goods Suite
SICK has identified multiple vulnerabilities in the SICK Incoming Goods Suite product. Vulnerabilities related to Grafana apply exclusively to the administrative user interface for log management and do not affect the Incoming Goods Suite user interface. The vulnerabilities could potentially affe...
Vulnerabilities affecting SICK Lector85x and SICK Lector83x
Two vulnerabilities affecting the SICK Lector85x and SICK Lector83x product families have been identified. Both vulnerabilities are caused by insufficient access restrictions in HTTP-based interfaces, which may allow unauthenticated access to sensitive device resources. Depending on the...
Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products
Eclipse Cyclone DDS has known vulnerabilities and is used in SICK picoScan150 and SICK picoScan120 products starting with version 2.2.0. A current analysis confirms that the identified vulnerabilities CVE-2025-67109 and CVE-2023-24011 do not affect SICK picoScan150 and SICK picoScan120. Both...
CodeMeter vulnerability affects SICK CODE-LOC and SICK LIDAR-LOC
A vulnerability in the CodeMeter runtime affects the SICK products SICK CODE-LOC and SICK LIDAR-LOC. This could potentially affect the integrity, confidentiality and availability of the products. Only systems running on Microsoft Windows are affected. Furthermore, the systems are only affected wh...
Vulnerabilities affecting SICK TLOC100-100
SICK has identified multiple vulnerabilities in the SICK TLOC100-100 product. The vulnerabilities could potentially affect the confidentiality, integrity and availability of the product. Therefore it is strongly recommended to apply general security practices when operating the product. SICK is...
Vulnerabilities in SICK ICR890-4
SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the...
Vulnerabilities in SICK FTMg
SICK found multiple security vulnerabilities in the SICK FTMg device. If exploited, these potentially allow a remote unauthenticated attacker to impact the availability or confidentiality of the FTMg device. Currently SICK is not aware of any public exploits specifically targeting any of the...
Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways
Several versions of the SICK Flexi Soft Gateways FX0-GENT, FX0-GMOD, FX0-GPNT and SICK Flexi Classic Gateway UE410 provide a Telnet interface for debugging, which is enabled by factory default. No password is set in the default configuration. If the password is not set by the customer, a remote...
Vulnerabilities in SICK FTMg
SICK received a report about multiple security vulnerabilities in the SICK FTMg device. Currently SICK is not aware of any public exploits specifically targeting any of the vulnerabilities. SICK has released a new version of the SICK FTMg firmware and recommends updating to the newest version...
MEAC affected by Windows SMBv3 vulnerability
Microsoft disclosed a critical vulnerability in the way Microsoft Server Message Block 3.1.1 (SMBv3) handles compressed connections. This may allow unauthenticated attackers to execute arbitrary code on a vulnerable device. Since the MEAC central emission monitoring computer (EPC) acts as a SMB serve...
Critical vulnerabilities in SICK DL100-2xxxxxxx
Critical vulnerabilities have been found in the SICK device DL100-2xxxxxxx. If exploited, this potentially allows an attacker to impact availability, integrity and confidentiality of the products. Currently, SICK is not aware of any public exploits specifically targeting these vulnerabilities. As...
Vulnerability in SICK Lector8xx and SICK InspectorP8xx
SICK has found two vulnerabilities that affect the SICK Lector8xx and SICK InspectorP8xx. The vulnerabilities may allow a remote low-privileged attacker to run arbitrary shell commands by manipulating the firmware file or executing low-level functions. SICK is currently not aware of any public...
Vulnerabilities in SICK Application Processing Unit
Vulnerabilities in SICK Application Processing Unit...
Vulnerabilities in SICK LMS5xx
SICK received a report about multiple vulnerabilities in the SICK LMS5xx that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availability, integrity and confidentiality of the LMS5xx. SICK recommends making sure to run the product ...
SICK FlexiCompact affected by Denial of Service vulnerability
SICK discovered a vulnerability in the configuration interface of FlexiCompact that can be accessed via Ethernet or USB. If exploited, this potentially allows a remote unauthenticated attacker to impact availability of the FlexiCompact. SICK recommends making sure to run a non-affected version...
Package Analytics affected by Windows TCP/IP vulnerability
Microsoft disclosed a critical vulnerability in the way ICMPv6 Router Advertisement packets are handled on Windows 10 and Windows Server 2019. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this...
Sudo vulnerability affects SICK SID products
SICK SID products are affected by the sudo vulnerability CVE-2025-32463. SICK strongly recommends updating to the latest version to mitigate the risk...
Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products
SICK has found multiple vulnerabilities in SICK Enterprise Analytics and the SICK Logistic Analytics products. The vulnerabilities could potentially affect the confidentiality, integrity and availability of the products. Therefore it is strongly recommended to apply general security practices whe...
FreeRTOS Vulnerabilities have no impact on SICK Products
FreeRTOS has several known vulnerabilities and is used in various SICK products. A current analysis confirms that the identified vulnerabilities in FreeRTOS do not affect the mentioned SICK products. At this time, there is no indication of any potential risks to these SICK products...
Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx
Multiple critical vulnerabilities were found in the SICK products InspectorP61x, InspectorP62x and TiM3xx. If exploited, this potentially allows an attacker to impact availability, integrity and confidentiality of the products. It is strongly recommended to upgrade the InspectorP61x, InspectorP62...
Third party vulnerabilities in SICK CDE-100
The SICK CDE-100 uses the open-source libraries FreeRTOS, lwIP and MCU Boot. The used libraries contain vulnerabilities that affect the SICK CDE-100...
Vulnerability in SICK MSC800
SICK found a security vulnerability in the SICK MSC800. This vulnerability allows an unauthenticated attacker to modify the IP address of the product through the SopasET interface, potentially leading to Denial of Service. Currently SICK is not aware of any public exploits specifically targeting...
Vulnerability in multiple SICK Flexi Soft Gateways
The SICK PSIRT received a report about a vulnerability in several Flexi Soft Gateways that could allow an attacker to log in to the gateways by sending specially crafted packets and potentially impact the availability, integrity and confidentiality of the devices. SICK recommends making sure to run...
Vulnerability in SICK SIM1012
To allow full programmability of the SICK SIM1012, all Ethernet ports are open by factory default. If unused ports are not closed, this could potentially allow a remote, unauthenticated attacker to impact the availability, confidentiality, and integrity of the SICK SIM1012. SICK is not aware of a...
Vulnerabilities in SICK EventCam App
SICK discovered vulnerabilities in the SICK EventCam App that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availability, integrity and confidentiality of the EventCam App. SICK recommends making sure to run the product in a secur...
Vulnerability in SICK Flexi Soft and Flexi Classic Gateways
SICK discovered a vulnerability in several Flexi Classic and Flexi Soft Gateways. If exploited, this potentially allows a remote unauthenticated attacker to impact the availability of the gateways. SICK is not aware of an exploit targeting this vulnerability...
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR
SICK received a report about a vulnerability in the SICK RFU6XX RADIO FREQUEN. SENSOR. The used SSH service allowed for weak cipher suites to be used in traffic encryption. If weak cipher suites are used for traffic encryption, an attacker could potentially decrypt the traffic, which would affect...
Password recovery vulnerability affects multiple SICK SIMs
SICK received a report about a vulnerability in multiple SICK SIM products. The vulnerability is classified as a "Missing Authentication for Critical Function" vulnerability and results from a mishandling of access to a password recovery mechanism. It is possible for an unprivileged, remote user ...
Vulnerability in SICK Flexi Soft Designer & Safety Designer
A deserialization vulnerability in a .NET framework class used by both SICK Flexi Soft Designer and SICK Safety Designer allows an attacker to create malicious project files...
Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET
The PSIRT received a report about a vulnerability in the Gateway Flexi Soft and microScan3 PROFINET. The vulnerability is classified as a denial-of-service vulnerability and results from a mishandling of Read Implicit Request services...
Vulnerabilities in SICK MARSIC300
SICK received a report about multiple security vulnerabilities in the SICK MARSIC300 device. The security vulnerabilities are caused by the third-party library Dropbear, which is used by the SICK MARSIC300 to provide SSH communication. A successful exploitation of these vulnerabilities could lead...
Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000
The security-testlab team of Fraunhofer IOSB in Karlsruhe reported a security vulnerability that affects SICK FX0-GPNT00000 and SICK FX0-GENT00000 in the version V3.04.0. The SICK FX0-GPNT00000 and SICK FX0-GENT00000 are vulnerable to a buffer overflow by exploiting the available resources with U...
Vulnerabilities in SICK Flexi Compact
SICK has found two vulnerabilities that affect the SICK Flexi Compact. The vulnerabilities may affect the availability and confidentiality of the products. SICK is currently not aware of any public exploits...
Vulnerability in SICK OLM
SICK received a report about a vulnerability in the SICK Support Portal (supportportal.sick.com), which was hosted and operated by a third-party service provider. Due to a misconfiguration, the access restriction of an NFS (Network File System) storage system has failed, which resulted in temporary...