TLOC100-100%20all%20Firmware%20versions

TLOC100-100 all Firmware versions

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2025-59463

Assigner-SICK AG

View Details

Assigner-SICK AG

CVSS Score-4.3||MEDIUM

EPSS-0.09% / 26.01%

7 Day CHG~0.00%

Published-27 Oct, 2025 | 10:14

Updated-03 Nov, 2025 | 19:25

Denial-of-service (DoS) via chunk size mismatch

An attacker may cause chunk-size mismatches that block file transfers and prevent subsequent transfers.

Vendor-SICK AG

Product-tloc100-100 tloc100-100_firmware TLOC100-100 all Firmware versions

CWE ID-CWE-833

Deadlock

CVE-2025-59462

Assigner-SICK AG

View Details

Assigner-SICK AG

CVSS Score-6.5||MEDIUM

EPSS-0.12% / 30.95%

7 Day CHG~0.00%

Published-27 Oct, 2025 | 10:12

Updated-03 Nov, 2025 | 19:36

Denial-of-service (DoS) via delayed or missing client response

An attacker who tampers with the C++ CLI client may crash the UpdateService during file transfers, disrupting updates and availability.

Vendor-SICK AG

Product-tloc100-100 tloc100-100_firmware TLOC100-100 all Firmware versions

CWE ID-CWE-248

Uncaught Exception

CVE-2025-59461

Assigner-SICK AG

View Details

Assigner-SICK AG

CVSS Score-7.6||HIGH

EPSS-0.18% / 40.34%

7 Day CHG-0.02%

Published-27 Oct, 2025 | 10:11

Updated-03 Nov, 2025 | 19:41

API does not require authentication

A remote unauthenticated attacker may use the unauthenticated C++ API to access or modify sensitive data and disrupt services.

Vendor-SICK AG

Product-tloc100-100 tloc100-100_firmware TLOC100-100 all Firmware versions

CWE ID-CWE-862

Missing Authorization