CVE-2023-43700

HIGH

SICK APU0200 Firmware < 4.0.0.6 - Unauthenticated Data Modification via RDT400 HTTP Requests

Title source: llm
STIX 2.1

Description

Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication.

References (3)

Core 3
Core References
Product issue-tracking
https://sick.com/psirt

Scores

CVSS v3 7.7
EPSS 0.0063
EPSS Percentile 45.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
sick/apu0200_firmware < 4.0.0.6
Published Oct 09, 2023
Tracked Since Feb 18, 2026