CVE-2025-59460 | THREATINT

Description

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

PUBLISHED Reserved 2025-09-16 | Published 2025-10-27 | Updated 2025-10-27 | Assigner SICK AG

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-1391 Use of Weak Credentials

Product status

Default status

affected

Any version before <7.1.1

affected

Default status

unaffected

>=7.1.1 (custom)

unaffected

References

sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json

www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf vendor-advisory

cve.org (CVE-2025-59460)

nvd.nist.gov (CVE-2025-59460)

Download JSON