CVE-2025-58591 | THREATINT

Description

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

PUBLISHED Reserved 2025-09-03 | Published 2025-10-06 | Updated 2025-10-06 | Assigner SICK AG

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

affected

all versions

affected

Default status

affected

all versions

affected

Default status

affected

all versions

affected

Default status

affected

all versions

affected

References

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf vendor-advisory

cve.org (CVE-2025-58591)

nvd.nist.gov (CVE-2025-58591)

Download JSON

help @ threatint.eu