CVE-2020-2075

HIGH

Sick Lms111 Firmware < 1.04 - Improper Exception Handling

Title source: rule

Description

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

References (1)

[Vendor Advisory] https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories

Scores

CVSS v3 7.5

EPSS 0.0022

EPSS Percentile 44.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-755 CWE-703

Status published

Affected Products (30)

sick/lms111_firmware < 1.04

sick/lms511_firmware < 2.30

sick/clv620_firmware

sick/clv622_firmware

sick/clv621_firmware

sick/icr890-3_firmware

sick/msc800_firmware < 4.10

sick/rfh_firmware

sick/clv650_firmware

sick/clv651_firmware

sick/clv631_firmware

sick/clv630_firmware

sick/clv632_firmware

sick/clv640_firmware

sick/clv642_firmware

... and 15 more

Timeline

Published Aug 31, 2020

Tracked Since Feb 18, 2026