Vulnerability Details : CVE-2022-46832

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

Published 2022-12-13 16:15:26

Updated 2022-12-15 20:13:44

Source SICK AG

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2022-46832

Probability of exploitation activity in the next 30 days: 0.07%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 31 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2022-46832

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	nvd@nist.gov
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-46832

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.
Assigned by:
- nvd@nist.gov (Primary)
- psirt@sick.de (Secondary)

References for CVE-2022-46832

https://sick.com/psirt

The SICK Product Security Incident Response Team (SICK PSIRT) | SICK
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2022-46832

Sick » Rfu620-10100 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10100 » Version: N/A
Sick » Rfu620-10101 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10101_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10101 » Version: N/A
Sick » Rfu620-10102 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10102_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10102 » Version: N/A
Sick » Rfu620-10103 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10103_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10103 » Version: N/A
Sick » Rfu620-10104 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10104_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10104 » Version: N/A
Sick » Rfu620-10105 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10105_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10105 » Version: N/A
Sick » Rfu620-10107 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10107_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10107 » Version: N/A
Sick » Rfu620-10108 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10108_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10108 » Version: N/A
Sick » Rfu620-10111 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10111_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10111 » Version: N/A
Sick » Rfu620-10114 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10114_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10114 » Version: N/A
Sick » Rfu620-10118 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10118_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10118 » Version: N/A
Sick » Rfu620-10400 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10400_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10400 » Version: N/A
Sick » Rfu620-10401 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10401_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10401 » Version: N/A
Sick » Rfu620-10500 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10500 » Version: N/A
Sick » Rfu620-10501 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10501_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10501 » Version: N/A
Sick » Rfu620-10503 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10503_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10503 » Version: N/A
Sick » Rfu620-10504 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10504_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10504 » Version: N/A
Sick » Rfu620-10507 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10507_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10507 » Version: N/A
Sick » Rfu620-10508 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10508_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10508 » Version: N/A
Sick » Rfu620-10510 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10510_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10510 » Version: N/A
Sick » Rfu620-10514 Firmware
Versions before (<) 2.21
cpe:2.3:o:sick:rfu620-10514_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sick » Rfu620-10514 » Version: N/A