CVE-2023-23453

Name of the Vulnerable Software and Affected Versions SICK FX0-GENT v3 Firmware versions V3.04 and V3.05

Description The issue allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000. This is due to missing authentication for a critical function.

Recommendations For SICK FX0-GENT v3 Firmware versions V3.04 and V3.05, consider restricting access to the listener on TCP port 9000 to minimize the risk of exploitation. As a temporary workaround, avoid using the RK512 commands until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.