CVE-2020-2075

Name: CVE-2020-2075
Creator: NVD / NIST
Published: 2020-08-31T18:15:13.17+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 1.43%

Last modified Jun 17, 2026

CVE-2020-2075 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.. EPSS estimates a 1.43% chance of exploitation in the next 30 days.

Description

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

1.43%

69.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Sick	Lms111 Firmware	< 1.04
Sick	Lms511 Firmware	< 2.30
Sick	Clv620 Firmware	All versions
Sick	Clv622 Firmware	All versions
Sick	Clv621 Firmware	All versions
Sick	Icr890-3 Firmware	All versions
Sick	Msc800 Firmware	< 4.10
Sick	Rfh Firmware	All versions
Sick	Clv650 Firmware	All versions
Sick	Clv651 Firmware	All versions
Sick	Clv631 Firmware	All versions
Sick	Clv630 Firmware	All versions
Sick	Clv632 Firmware	All versions
Sick	Clv640 Firmware	All versions
Sick	Clv642 Firmware	All versions
Sick	Lms100 Firmware	< 2.0
Sick	Lms101 Firmware	< 2.0
Sick	Lms111 Firmware	< 2.0
Sick	Lms153 Firmware	< 2.0
Sick	Lms151 Firmware	< 2.0
Sick	Lms133 Firmware	< 2.10
Sick	Lms142 Firmware	< 2.10
Sick	Lms143 Firmware	< 2.10
Sick	Lms131 Firmware	< 2.10
Sick	Lms121 Firmware	< 2.10
Sick	Lms123 Firmware	< 2.10
Sick	Lms122 Firmware	< 2.10
Sick	Lms141 Firmware	< 2.10
Sick	Lms511 Firmware	All versions
Sick	Lms531 Firmware	All versions
Sick	Lms500 Firmware	All versions
Sick	Icr890-3.5 Firmware	All versions

References

Timeline

Published: Aug 31, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-2075?

How severe is CVE-2020-2075?

CVE-2020-2075 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.43% probability of exploitation in the next 30 days.

How do I fix CVE-2020-2075?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-2075?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST