CVE-2025-59460

Опубликовано: 27 окт. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Ссылки

https://sick.com/psirt
Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
US Government Resource
https://www.first.org/cvss/calculator/3.1
Not Applicable
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json
Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf
Vendor Advisory
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:tloc100-100_firmware:*:*:*:*:*:*:*:*

Версия до 7.1.1 (исключая)

cpe:2.3:h:sick:tloc100-100:-:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

7.5 High

CVSS3

Дефекты

CWE-1391

Связанные уязвимости

GHSA-qm85-xhq4-w756