7.5
/ 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupting system operations.
Basic Information
ID
CVE-2026-22909
Source
SICK AG
Published
Jan 15, 2026 at 13:01
Affected Product
Vendor
SICK AG
Product
TDC-X401GL
Version
all versions
Affected Versions
SICK AG TDC-X401GL all versions
CWE Classification
References
- sick.com /psirt
- www.sick.com /media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
- www.cisa.gov /resources-tools/resources/ics-recommended-practices
- www.first.org /cvss/calculator/3.1
- www.sick.com /.well-known/csaf/white/2026/sca-2026-0001.json
- www.sick.com /.well-known/csaf/white/2026/sca-2026-0001.pdf