CVE 9.1 CRITICAL

CVE-2026-22908_CVE-2026-22908

January 15, 2026 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.

AI Analysis

Unvalidated container image upload vulnerability allowing remote attackers to gain full access to the system, compromising its integrity and confidentiality.

Basic Information

ID CVE-2026-22908

Source SICK AG

Published Jan 15, 2026 at 13:00

Affected Product

Vendor SICK AG

Product TDC-X401GL

Affected Versions SICK AG TDC-X401GL 0

CWE Classification

CWE-266

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor SICK AG

Product TDC-X401GL

References

{
    "lastseen": "",
    "description": "Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.",
    "published": "2026-01-15T13:00:53.558Z",
    "modified": "2026-01-15T13:00:53.558Z",
    "type": "cve",
    "title": "CVE-2026-22908",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json\nhttps://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf",
    "id": "CVE-2026-22908",
    "bulletinFamily": "",
    "cwe": [
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "SICK AG TDC-X401GL 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TDC-X401GL",
    "version": "0",
    "vendor": "SICK AG",
    "ai_description": "Unvalidated container image upload vulnerability allowing remote attackers to gain full access to the system, compromising its integrity and confidentiality.",
    "ai_severity": "Critical",
    "ai_vendor": "SICK AG",
    "ai_product": "TDC-X401GL",
    "ai_version": "0",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply