66 matches found
Vulnerability in SICK Flexi Soft and Flexi Classic Gateways
SICK discovered a vulnerability in several Flexi Classic and Flexi Soft Gateways. If exploited, this potentially allows a remote unauthenticated attacker to impact the availabiltiy of the gateways. SICK is not aware of an exploit targeting this vulnerability...
Password recovery vulnerability affects multiple SICK SIMs
SICK received a report about a vulnerability in multiple SICK SIM products. The vulnerability is classified as a "Missing Authentication for Critical Function" vulnerability and results from a mishandling of access to a password recovery mechanism. It is possible for an unprivileged, remote user ...
Vulnerability in SICK Flexi Soft Designer & Safety Designer
A deserialization vulnerability in a .NET framework class used by both SICK Flexi Soft Designer and SICK Safety Designer allows an attacker to create malicious project files...
Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET
The PSIRT received a report about a vulnerability in the Gateway Flexi Soft and microScan3 PROFINET. The vulnerability is classified as a denial-of-service vulnerability and results form a mishandling of Read Implicit Request services...
Vulnerabilities in SICK MARSIC300
SICK received a report about multiple security vulnerabilities in the SICK MARSIC300 device. The security vulnerabilities are caused by the third-party library Dropbear, which is used by the SICK MARSIC300 to provide SSH communication. A successful exploitation of these vulnerabilities could lead...
Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC
The CVE-2021-26414 “Windows DCOM Server Security Feature Bypass” was issued by Microsoft, that may affect the functionality of the SICK MEAC software installed on SICK IPCs. Interpretation: The vulnerability allows a remote attacker to bypass the Windows DCOM Server authentication process...
Security Information Regarding "Profile Programming"
The customer IOActive provided a Security Advisory report to SICK AG referring to the feature profile programming with regards to the listed affected products. Certain SICK products support profile programming with bar codes, generated and printed via SOPAS ET...
Vulnerabilities in SICK Flexi Compact
SICK has found two vulnerabilities that affect the SICK Flexi Compact. The vulnerabilities may affect the availability and confidentiality of the products. SICK is currently not aware of any public exploits...
Vulnerability in SICK OLM
SICK received a report about a vulnerability in the SICK Support Portal supportportal.sick.com, which was hosted and operated by a third-party service provider. Due to a misconfiguration, the access restriction of a NFS Network File System storage system has failed, which resulted in temporary...
Vulnerability in SICK Incoming Goods Suite
SICK found a vulnerability in the Incoming Goods Suite which allows privilege escalation to the administrative level. Currently SICK is not aware of any public exploits specifically targeting the vulnerability. SICK has released a new version and strongly recommends updating to the newest version...
Critical vulnerability in multiple SICK products
A critical vulnerability has been discovered in the .sdd files of several SICK products. This vulnerability could allow a remote, unauthenticated attacker to gain access to the "Authorized Client" user role, potentially impacting the availability and integrity of the affected SICK products. Users...
Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products
Wibu-Systems disclosed a security vulnerability in the CodeMeter Runtime. There is a heap buffer overflow vulnerability which can potentially lead to a remote code execution. Currently, no PoC is known to Wibu-Systems. To exploit the heap overflow, additional protection mechanisms need to be...
Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3
The PSIRT received a report about a vulnerability in some gateways for Flexi Soft, Flexi Compact, EFI gateway UE4740, microScan3 and the outdoorScan3. The vulnerability is classified as a denial-of-service vulnerability and results from a malformed UDP package. It is recommended to implement the...
Vulnerabilities in SICK SOPAS ET
SICK received a report from Eden Bar of Claroty about multiple security vulnerabilities in the SICK SOPAS ET software. An unauthorized attacker could potentially craft a malicious SOPAS Device Driver SDD file, that if a user imports that file to SOPAS ET could allow arbitrary code execution on th...
MSC800 affected by hard-coded credentials vulnerability
The ICS-CERT reported a security vulnerability that affects MSC800 versions before 4.0. The MSC800 uses hard-coded credentials, which potentially allow low-skilled remote attackers to reconfigure settings and /or disrupt the functionality of the device. Currently SICK is not aware of any public...
Vulnerability Affecting SICK Sentio Creator Extension “Software Deployment Manager”
The pre-installed Software Deployment Manager extension in SICK Sentio Creator is affected by CVE-2026-33151. The Software Deployment Manager extension is maintained and updated independently from SICK Sentio Creator and therefore SICK recommends applying the defined remediations for the...