Vulnerability CVE-2019-14753

Vulnerability CVE-2019-14753

Published: 2019-09-24

Description:

SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow

Type:

CWE-120

(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
None	None	Partial

Affected software
SICK -> Fx0-gent00000 firmware
SICK -> Fx0-gpnt00000 firmware

References:

https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories

https://www.sick.com/medias/SCA-2019-002.pdf?context=bWFzdGVyfGNvbnRlbnR8MjE5MDk1fGFwcGxpY2F0aW9uL3BkZnxjb250ZW50L2g3Yy9oNDEvMTAzMDY0NjAzNTI1NDIucGRmfDJlZTVmZjJmYzYwYmQ1ODQyZDBmMjA0OTc3ZDBjMmY1YzZkYzUzNzI0MWI0OGIyOTE0OTllY2VlYjJhNzUzYTE

Vulnerability CVE-2019-14753

SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow

CWE-120

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

5/10

2.9/10

10/10

Remote

Low

No required

None

None

Partial

Affected software

References: