CVE-2025-59460

HIGH

7.5

Description

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

CVE Details

CVSS v3.1 Score7.5

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published10/27/2025

Last Modified11/3/2025

Sourcenvd

Honeypot Sightings0

Affected Products

sick:tloc100-100sick:tloc100-100_firmware

Weaknesses (CWE)

CWE-1391

References

https://sick.com/psirt(psirt@sick.de)

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices(psirt@sick.de)

https://www.first.org/cvss/calculator/3.1(psirt@sick.de)

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json(psirt@sick.de)

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf(psirt@sick.de)

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf(psirt@sick.de)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.