CVE-2026-22918

Опубликовано: 15 янв. 2026

Источник: nvd

CVSS3: 4.3

CVSS3: 8.2

EPSS Низкий

Описание

An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, leading to the extraction of sensitive data.

Ссылки

https://sick.com/psirt
Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
US Government Resource
https://www.first.org/cvss/calculator/3.1
Not Applicable
https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json
Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf
Vendor Advisory
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:tdc-x401gl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:tdc-x401gl:-:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

4.3 Medium

CVSS3

8.2 High

CVSS3

Дефекты

CWE-1021

Связанные уязвимости

GHSA-57w5-88pw-9866

CVSS3: 4.3

github

23 дня назад

EPSS

Процентиль: 17%

0.00054

Низкий

4.3 Medium

CVSS3

8.2 High

CVSS3

Дефекты

CWE-1021