CVE-2025-49186 | THREATINT

Description

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.

PUBLISHED Reserved 2025-06-03 | Published 2025-06-12 | Updated 2026-05-13 | Assigner SICK AG

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-307 Improper Restriction of Excessive Authentication Attempts

Product status

Default status

affected

all versions (custom)

affected

Default status

affected

Any version before 4.6.3

affected

Default status

affected

Any version before 4.6.3

affected

Default status

affected

Any version before 4.6.3

affected

Default status

affected

Any version before 4.6.3

affected

References

sick.com/psirt

cdn.sick.com/...ation_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf vendor-advisory

www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json vendor-advisory

cve.org (CVE-2025-49186)

nvd.nist.gov (CVE-2025-49186)

Download JSON