sca-2025-0010
Vulnerability from csaf_sick
Published
2025-10-02 13:00
Modified
2025-10-02 13:00
Summary
Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products
Notes
summary
SICK has found multiple vulnerabilities in SICK Enterprise Analytics and the SICK Logistic Analytics products. The vulnerabilities could potentially affect the confidentiality, integrity an availability of the products. Therefore it is strongly recommended to apply general security practices when operating the products. Currently, SICK is not aware of any public exploits.
General Security Measures
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification
SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "SICK has found multiple vulnerabilities in SICK Enterprise Analytics and the SICK Logistic Analytics products. The vulnerabilities could potentially affect the confidentiality, integrity an availability of the products. Therefore it is strongly recommended to apply general security practices when operating the products. Currently, SICK is not aware of any public exploits.",
"title": "summary"
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Security Measures"
},
{
"category": "general",
"text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
"title": "Vulnerability Classification"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"summary": "SICK Operating Guidelines",
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json"
}
],
"title": "Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products",
"tracking": {
"current_release_date": "2025-10-02T13:00:00.000Z",
"generator": {
"date": "2025-10-02T09:09:44.241Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.36"
}
},
"id": "SCA-2025-0010",
"initial_release_date": "2025-10-02T13:00:00.000Z",
"revision_history": [
{
"date": "2025-10-02T13:00:00.000Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK Enterprise Analytics all versions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Enterprise Analytics"
}
],
"category": "product_family",
"name": "Analytics Solutions"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 4.6.1",
"product": {
"name": "SICK Baggage Analytics \u003c= 4.6.1",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version",
"name": "4.6.2",
"product": {
"name": "SICK Baggage Analytics 4.6.2",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK Baggage Analytics all versions",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Baggage Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 4.6.1",
"product": {
"name": "SICK Tire Analytics \u003c= 4.6.1",
"product_id": "CSAFPID-0005"
}
},
{
"category": "product_version",
"name": "4.6.2",
"product": {
"name": "SICK Tire Analytics 4.6.2",
"product_id": "CSAFPID-0006"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK Tire Analytics all versions",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Tire Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 4.6.1",
"product": {
"name": "SICK Package Analytics \u003c= 4.6.1",
"product_id": "CSAFPID-0008"
}
},
{
"category": "product_version",
"name": "4.6.2",
"product": {
"name": "SICK Package Analytics 4.6.2",
"product_id": "CSAFPID-0009"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK Package Analytics all versions",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "Package Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 4.6.1",
"product": {
"name": "SICK Logistic Diagnostic Analytics \u003c= 4.6.1",
"product_id": "CSAFPID-0011"
}
},
{
"category": "product_version",
"name": "4.6.2",
"product": {
"name": "SICK Logistic Diagnostic Analytics 4.6.2",
"product_id": "CSAFPID-0012"
}
},
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK Logistic Diagnostic Analytics all versions",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "Logistic Diagnostic Analytics"
}
],
"category": "product_family",
"name": "Logistic Analytics"
}
],
"category": "vendor",
"name": "SICK AG"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9914",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The credentials of the users stored in the system\u0027s local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Authentication with database users is possible"
},
{
"cve": "CVE-2025-9913",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "JavaScript can be ran inside the address bar via the dashboard \"Open in new Tab\" Button, making the application vulnerable to session hijacking.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 4.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Cross Site Scripting: Session Hijacking"
},
{
"cve": "CVE-2025-58587",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The application does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it possible for an attacker to guess user credentials.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"title": "Improper Restriction of Excessive Authentication Attempts"
},
{
"cve": "CVE-2025-49184",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"title": "Information Disclosure to Unauthorized User"
},
{
"cve": "CVE-2025-58589",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker thus receives information about the technology used and the structure of the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 2.7,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 2.7,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Information Disclosure Through Stacktrace - /User/User"
},
{
"cve": "CVE-2025-58590",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "It\u0027s possible to brute force folders and files, what can be used by an attacker to steal sensitve information.",
"title": "Summary"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0006",
"CSAFPID-0009",
"CSAFPID-0012"
],
"known_affected": [
"CSAFPID-0002",
"CSAFPID-0005",
"CSAFPID-0008",
"CSAFPID-0011"
],
"recommended": [
"CSAFPID-0003",
"CSAFPID-0006",
"CSAFPID-0009",
"CSAFPID-0012"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "It is stronlgy recommended to update to the latest version (\u003e= 4.6.2).",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0005",
"CSAFPID-0008",
"CSAFPID-0011"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0002",
"CSAFPID-0005",
"CSAFPID-0008",
"CSAFPID-0011"
]
}
],
"title": "Path traversal \u2013 get list of files and folders"
},
{
"cve": "CVE-2025-58591",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Path Traversal \u2013 Read File Content"
},
{
"cve": "CVE-2025-58584",
"cwe": {
"id": "CWE-598",
"name": "Use of GET Request Method With Sensitive Query Strings"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"title": "Plain Text Transmission of Username and Password in the URL"
},
{
"cve": "CVE-2025-58585",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Sensitive Information Disclosure Through Missing Authentication"
},
{
"cve": "CVE-2025-58586",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"title": "User Enumeration"
},
{
"cve": "CVE-2025-58579",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013",
"CSAFPID-0001"
]
}
],
"title": "Username Disclosure Through Missing Authentication"
},
{
"cve": "CVE-2025-58583",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The application provides access to a login protected H2 database for caching purposes. The username is prefilled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "H2 \u2013User Enumeration"
},
{
"cve": "CVE-2025-58581",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "Information Disclosure Through Stacktrace-/MQTT/Config/changeAll"
},
{
"cve": "CVE-2025-58580",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "Injection via log file"
},
{
"cve": "CVE-2025-58582",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "If a user tries to login but the provided credentials are incorrect a log is created. The data for this POST requests is not validated and it\u2019s possible to send giant payloads which are then logged.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "Uncontrolled Resource Consumption via log file"
},
{
"cve": "CVE-2025-58578",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.8,
"environmentalSeverity": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 3.8,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "Unlimited user creation by authorized users"
},
{
"cve": "CVE-2025-49186",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "No Brute-Force Protection"
},
{
"cve": "CVE-2025-49193",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.2,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0004",
"CSAFPID-0007",
"CSAFPID-0010",
"CSAFPID-0013"
]
}
],
"title": "Missing HTTP Security Headers"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…