CVE-2022-43990

Name of the Vulnerable Software and Affected Versions SICK SIM1012 Partnumber 1098146 versions prior to 2.2.0

Description A password recovery issue allows an unprivileged remote attacker to gain access to the RecoverableUserLevel by invoking the password recovery mechanism method, leading to increased privileges on the system and affecting its confidentiality, integrity, and availability. An attacker can expect repeatable success by exploiting this issue.

Recommendations For SICK SIM1012 Partnumber 1098146 versions prior to 2.2.0, update the firmware to a version >= 2.2.0 as soon as possible, available in the SICK Support Portal.