CVE-2022-43989

Name of the Vulnerable Software and Affected Versions SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 versions prior to 1.2.0

Description A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in increased privileges on the system, affecting confidentiality, integrity, and availability. An attacker can expect repeatable success by exploiting this issue.

Recommendations For SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 versions prior to 1.2.0, update the firmware to a version >= 1.2.0 as soon as possible, available in the SICK Support Portal.