CVE-2023-23444

Summary

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.

Affected Software

VendorProductVersion RangeStatus
SICK AGUE410-EN3 FLEXI ETHERNET GATEW.all firmware versionsaffected
SICK AGUE410-EN1 FLEXI ETHERNET GATEW.all firmware versionsaffected
SICK AGUE410-EN4 FLEXI ETHERNET GATEW.all firmware versionsaffected
SICK AGFX0-GENT00000 FLEXISOFT EIP GATEW.all firmware versionsaffected
SICK AGFX0-GMOD00000 FLEXISOFT MOD GATEW.all firmware versionsaffected
SICK AGFX0-GPNT00000 FLEXISOFT PNET GATEW.all firmware versionsaffected
SICK AGFX0-GENT00030 FLEXISOFT EIP GATEW.V2all firmware versionsaffected
SICK AGFX0-GPNT00030 FLEXISOFT PNET GATEW.V2all firmware versionsaffected
SICK AGFX0-GMOD00010 FLEXISOFT MOD GW (C)all firmware versionsaffected
SICK AGFX3-GEPR00000 FLEXISOFT EFI-PRO GWall firmware versionsaffected
SICK AGFX3-GEPR00010 FLEXISOFT EFI-PRO GWall firmware versionsaffected
SICK AGFX0-GETC00000 FLEXISOFT ETC GWall firmware versionsaffected
SICK AGFX0-GETC00040 FLEXISOFT ETC GWall firmware versionsaffected
SICK AGFX0-GETC00010 FLEXISOFT ETC GW (C)all firmware versionsaffected
SICK AGFX0-GENT00010 FLEXISOFT EIP GW (C)all firmware versionsaffected
SICK AGFX0-GPNT00010 FLEXISOFT PNET GW (C)all firmware versionsaffected
SICK AGUE410-EN3 FLEXI ETHERNET GATEW. Firmwareall firmware versionsaffected
SICK AGUE410-EN1 FLEXI ETHERNET GATEW. Firmwareall firmware versionsaffected
SICK AGUE410-EN4 FLEXI ETHERNET GATEW. Firmwareall firmware versionsaffected
SICK AGFX0-GENT00000 FLEXISOFT EIP GATEW. Firmwareall firmware versionsaffected
SICK AGFX0-GMOD00000 FLEXISOFT MOD GATEW. Firmwareall firmware versionsaffected
SICK AGFX0-GPNT00000 FLEXISOFT PNET GATEW. Firmwareall firmware versionsaffected
SICK AGFX0-GENT00030 FLEXISOFT EIP GATEW.V2 Firmwareall firmware versionsaffected
SICK AGFX0-GPNT00030 FLEXISOFT PNET GATEW.V2 Firmwareall firmware versionsaffected
SICK AGFX0-GMOD00010 FLEXISOFT MOD GW (C) Firmwareall firmware versionsaffected
SICK AGFX3-GEPR00000 FLEXISOFT EFI-PRO GW Firmwareall firmware versionsaffected
SICK AGFX3-GEPR00010 FLEXISOFT EFI-PRO GW Firmwareall firmware versionsaffected
SICK AGFX0-GETC00000 FLEXISOFT ETC GW Firmwareall firmware versionsaffected
SICK AGFX0-GETC00040 FLEXISOFT ETC GW Firmwareall firmware versionsaffected
SICK AGFX0-GETC00010 FLEXISOFT ETC GW (C) Firmwareall firmware versionsaffected
SICK AGFX0-GENT00010 FLEXISOFT EIP GW (C) Firmwareall firmware versionsaffected
SICK AGFX0-GPNT00010 FLEXISOFT PNET GW (C) Firmwareall firmware versionsaffected

Weaknesses

  • Missing Authentication for Critical Function

Workarounds

Please make sure that you apply general security practices when operating the Flexi Classic and Flexi Soft Gateways like network segmentation. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References