Vulnerability Details CVE-2025-49184
A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.9%
CVSS Severity
CVSS v3 Score 7.5
References
- https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
- https://sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf
Products affected by CVE-2025-49184
-
cpe:2.3:a:sick:baggage_analytics:*
-
cpe:2.3:a:sick:enterprise_analytics:*
-
cpe:2.3:a:sick:field_analytics:*
-
cpe:2.3:a:sick:logistic_diagnostic_analytics:*
-
cpe:2.3:a:sick:package_analytics:04.0.0
-
cpe:2.3:a:sick:package_analytics:04.1.1
-
cpe:2.3:a:sick:tire_analytics:*