Home

Description

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application.

PUBLISHED Reserved 2025-09-03 | Published 2025-10-06 | Updated 2025-10-06 | Assigner SICK AG




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
affected

all versions
affected

References

sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf vendor-advisory

cve.org (CVE-2025-58581)

nvd.nist.gov (CVE-2025-58581)

Download JSON