Path Traversal_CVE-2025-58591

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

Basic Information

ID CVE-2025-58591

Source SICK AG

Published Oct 6, 2025 at 07:07

Affected Product

Vendor SICK AG

Product Baggage Analytics

Version all versions

Affected Versions SICK AG Baggage Analytics all versions
SICK AG Tire Analytics all versions
SICK AG Package Analytics all versions
SICK AG Logistic Diagnostic Analytics all versions

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.",
    "published": "2025-10-06T07:07:30.103Z",
    "modified": "2025-10-06T07:07:30.103Z",
    "type": "cve",
    "title": "Path Traversal",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf",
    "id": "CVE-2025-58591",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "SICK AG Baggage Analytics all versions\nSICK AG Tire Analytics all versions\nSICK AG Package Analytics all versions\nSICK AG Logistic Diagnostic Analytics all versions",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Baggage Analytics",
    "version": "all versions",
    "vendor": "SICK AG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}