CVE-2020-2075

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2020-2075
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sick:lms111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms111:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sick:clv620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:sick:clv622_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv622:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:sick:clv621_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv621:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:sick:icr890-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:icr890-3:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:msc800:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:sick:rfh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfh:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:sick:clv650_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv650:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:sick:clv651_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv651:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:sick:clv631_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv631:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:sick:clv630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv630:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:sick:clv632_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv632:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:sick:clv640_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv640:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:sick:clv642_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:clv642:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:sick:lms100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms100:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:sick:lms101_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms101:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:sick:lms111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms111:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:sick:lms153_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms153:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:sick:lms151_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms151:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:sick:lms133_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms133:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:sick:lms142_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms142:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:sick:lms143_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms143:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:sick:lms131_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms131:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:sick:lms121_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms121:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:sick:lms123_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms123:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:sick:lms122_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms122:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:sick:lms141_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms141:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:sick:lms531_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms531:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:sick:lms500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:lms500:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:sick:icr890-3.5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:icr890-3.5:-:*:*:*:*:*:*:*
Information

Published : 2020-08-31 11:15

Updated : 2020-09-04 10:36

NVD link : CVE-2020-2075

Mitre link : CVE-2020-2075

JSON object : View

CWE
CWE-755

Improper Handling of Exceptional Conditions

Advertisement

dedicated server usa
Products Affected

sick

  • clv650_firmware
  • clv651_firmware
  • clv621_firmware
  • lms123
  • lms141
  • lms101_firmware
  • clv620_firmware
  • clv651
  • clv640_firmware
  • lms100_firmware
  • clv642_firmware
  • icr890-3_firmware
  • lms131
  • clv642
  • lms131_firmware
  • lms511_firmware
  • icr890-3.5_firmware
  • lms153
  • lms151
  • lms153_firmware
  • rfh_firmware
  • lms122_firmware
  • clv620
  • lms511
  • clv632_firmware
  • lms122
  • clv631_firmware
  • rfh
  • lms101
  • lms151_firmware
  • lms143_firmware
  • lms143
  • lms123_firmware
  • lms141_firmware
  • lms531_firmware
  • lms531
  • lms111_firmware
  • lms500_firmware
  • lms142
  • clv622_firmware
  • clv630_firmware
  • lms121
  • msc800
  • lms500
  • clv650
  • lms100
  • lms133
  • icr890-3.5
  • clv631
  • lms142_firmware
  • msc800_firmware
  • lms121_firmware
  • lms133_firmware
  • clv632
  • lms111
  • icr890-3
  • clv630
  • clv640
  • clv622
  • clv621