Unsecure access configuration_CVE-2025-59460

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Basic Information

ID CVE-2025-59460

Source SICK AG

Published Oct 27, 2025 at 10:10

Affected Product

Vendor SICK AG

Product TLOC100-100 with Firmware <7.1.1

Affected Versions SICK AG TLOC100-100 with Firmware <7.1.1 0

CWE Classification

CWE-1391

References

{
    "lastseen": "",
    "description": "The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.",
    "published": "2025-10-27T10:10:31.105Z",
    "modified": "2025-10-27T10:10:31.105Z",
    "type": "cve",
    "title": "Unsecure access configuration",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf",
    "id": "CVE-2025-59460",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1391"
    ],
    "cvelist": null,
    "sourceData": "SICK AG TLOC100-100 with Firmware <7.1.1 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TLOC100-100 with Firmware <7.1.1",
    "version": "0",
    "vendor": "SICK AG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}