Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00068.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
n/a SICK RFU62x Firmware affected
Version Status Constraints
<v2.21 affected

Configuration 1 [-]

AND
cpe:2.3:o:sick:rfu620-10100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:sick:rfu620-10101_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10101:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:sick:rfu620-10102_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10102:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:sick:rfu620-10103_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10103:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:sick:rfu620-10104_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10104:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:sick:rfu620-10105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10105:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:sick:rfu620-10107_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10107:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:sick:rfu620-10108_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10108:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:sick:rfu620-10111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10111:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:sick:rfu620-10114_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10114:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:sick:rfu620-10118_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10118:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:sick:rfu620-10400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10400:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:sick:rfu620-10401_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10401:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:sick:rfu620-10500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10500:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:sick:rfu620-10501_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10501:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:sick:rfu620-10503_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10503:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:sick:rfu620-10504_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10504:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:sick:rfu620-10507_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10507:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:sick:rfu620-10508_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10508:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:sick:rfu620-10510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10510:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:sick:rfu620-10514_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:rfu620-10514:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Sick Subscribe
Rfu620-10100 Subscribe
Rfu620-10100 Firmware Subscribe
Rfu620-10101 Subscribe
Rfu620-10101 Firmware Subscribe
Rfu620-10102 Subscribe
Rfu620-10102 Firmware Subscribe
Rfu620-10103 Subscribe
Rfu620-10103 Firmware Subscribe
Rfu620-10104 Subscribe
Rfu620-10104 Firmware Subscribe
Rfu620-10105 Subscribe
Rfu620-10105 Firmware Subscribe
Rfu620-10107 Subscribe
Rfu620-10107 Firmware Subscribe
Rfu620-10108 Subscribe
Rfu620-10108 Firmware Subscribe
Rfu620-10111 Subscribe
Rfu620-10111 Firmware Subscribe
Rfu620-10114 Subscribe
Rfu620-10114 Firmware Subscribe
Rfu620-10118 Subscribe
Rfu620-10118 Firmware Subscribe
Rfu620-10400 Subscribe
Rfu620-10400 Firmware Subscribe
Rfu620-10401 Subscribe
Rfu620-10401 Firmware Subscribe
Rfu620-10500 Subscribe
Rfu620-10500 Firmware Subscribe
Rfu620-10501 Subscribe
Rfu620-10501 Firmware Subscribe
Rfu620-10503 Subscribe
Rfu620-10503 Firmware Subscribe
Rfu620-10504 Subscribe
Rfu620-10504 Firmware Subscribe
Rfu620-10507 Subscribe
Rfu620-10507 Firmware Subscribe
Rfu620-10508 Subscribe
Rfu620-10508 Firmware Subscribe
Rfu620-10510 Subscribe
Rfu620-10510 Firmware Subscribe
Rfu620-10514 Subscribe
Rfu620-10514 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-49614 Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://sick.com/psirt cve-icon cve-icon
History

Mon, 21 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: SICK AG

Published:

Updated: 2025-04-21T15:40:10.356Z

Reserved: 2022-12-08T00:00:00.000Z

Link: CVE-2022-46832

cve-icon Vulnrichment

Updated: 2024-08-03T14:39:38.773Z

cve-icon NVD

Status : Modified

Published: 2022-12-13T16:15:26.107

Modified: 2025-04-21T16:15:53.493

Link: CVE-2022-46832

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses