Home

Description

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

PUBLISHED Reserved 2026-01-08 | Published 2026-01-15 | Updated 2026-01-15 | Assigner SICK AG




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-209 Generation of Error Message Containing Sensitive Information

Product status

Default status
affected

Any version before 1.2.1
affected

References

sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json

www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf vendor-advisory

cve.org (CVE-2026-22646)

nvd.nist.gov (CVE-2026-22646)

Download JSON