CVE-2023-5101

MEDIUM

SICK APU - Files Accessible

Title source: llm

Description

Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests.

References (3)

[Product] https://sick.com/psirt

[Vendor Advisory] https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf

[Vendor Advisory] https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json

Scores

CVSS v3 5.3

EPSS 0.0014

EPSS Percentile 33.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-552

Status published

Products (1)

sick/apu0200_firmware < 4.0.0.6

Published Oct 09, 2023

Tracked Since Feb 18, 2026