CVE-2025-49196 | THREATINT

Description

A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.

PUBLISHED Reserved 2025-06-03 | Published 2025-06-12 | Updated 2025-06-17 | Assigner SICK AG

MEDIUM: 6.5CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

Product status

Default status

affected

all versions (custom)

affected

References

cdn.sick.com/...ation_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf vendor-advisory

www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json vendor-advisory

cve.org (CVE-2025-49196)

nvd.nist.gov (CVE-2025-49196)

Download JSON

help @ threatint.eu