CVE-2023-23446 Information

Description

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214 1100215 1100216 1120114 1120116 1122524 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.

Reference

https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf https://sick.com/psirt https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json