Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-59460
PUBLISHED
More InfoOfficial Page
Assigner-SICK AG
Assigner Org ID-a6863dd2-93fc-443d-bef1-79f0b5020988
View Known Exploited Vulnerability (KEV) details
Published At-27 Oct, 2025 | 10:10
Updated At-27 Oct, 2025 | 18:10
Rejected At-
▼CVE Numbering Authority (CNA)
Unsecure access configuration

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Affected Products
Vendor
SICK AGSICK AG
Product
TLOC100-100 with Firmware <7.1.1
Default Status
affected
Versions
Affected
  • From 0 before <7.1.1 (custom)
Vendor
SICK AGSICK AG
Product
TLOC100-100 with Firmware >=7.1.1
Default Status
unaffected
Versions
Unaffected
  • >=7.1.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-1391CWE-1391 Use of Weak Credentials
Type: CWE
CWE ID: CWE-1391
Description: CWE-1391 Use of Weak Credentials
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Users are strongly recommended to upgrade to the latest release of TLOC100-100 (>= 7.1.1).

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sick.com/psirt
x_SICK PSIRT Security Advisories
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
x_ICS-CERT recommended practices on Industrial Security
https://www.first.org/cvss/calculator/3.1
x_CVSS v3.1 Calculator
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json
x_The canonical URL.
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf
vendor-advisory
Hyperlink: https://sick.com/psirt
Resource:
x_SICK PSIRT Security Advisories
Hyperlink: https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Resource:
x_SICK Operating Guidelines
Hyperlink: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
Resource:
x_ICS-CERT recommended practices on Industrial Security
Hyperlink: https://www.first.org/cvss/calculator/3.1
Resource:
x_CVSS v3.1 Calculator
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json
Resource:
x_The canonical URL.
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found