CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-58586

For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.1%

CVSS Severity

CVSS v3 Score 5.3

References

https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

Products affected by CVE-2025-58586

Sick » Baggage Analytics » Version: Any

cpe:2.3:a:sick:baggage_analytics:*
Sick » Enterprise Analytics » Version: Any

cpe:2.3:a:sick:enterprise_analytics:*
Sick » Logistic Diagnostic Analytics » Version: Any

cpe:2.3:a:sick:logistic_diagnostic_analytics:*
Sick » Package Analytics » Version: 04.0.0

cpe:2.3:a:sick:package_analytics:04.0.0
Sick » Package Analytics » Version: 04.1.1

cpe:2.3:a:sick:package_analytics:04.1.1
Sick » Tire Analytics » Version: Any

cpe:2.3:a:sick:tire_analytics:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-58586

Products

Pricing

Contact Us