SCA-2023-0001 (Last Update: 2023-02-21): Bootloader mode vulnerability in Flexi Soft Gateways v3

The SICK PSIRT received a report about a Missing Authentication for Critical Function vulnerability in the firmware of FX0-GPNT v3 and FX0-GENT v3. This vulnerability was introduced with the hardware redesign of the v3 of FX0-GENT and FX0-GPNT as part of the implementation of the RK512 protocol. The RK512 protocol is used to configure the Flexi Soft stations via an exposed TCP port on the Ethernet based gateways.