Vulnerability Details CVE-2025-49184
A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.0%
CVSS Severity
CVSS v3 Score 7.5
References
- https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
- https://sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf
Products affected by CVE-2025-49184
-
cpe:2.3:a:sick:baggage_analytics:-
-
cpe:2.3:a:sick:baggage_analytics:4.6.1
-
cpe:2.3:a:sick:enterprise_analytics:-
-
cpe:2.3:a:sick:field_analytics:-
-
cpe:2.3:a:sick:logistic_diagnostic_analytics:-
-
cpe:2.3:a:sick:logistic_diagnostic_analytics:4.6.1
-
cpe:2.3:a:sick:package_analytics:-
-
cpe:2.3:a:sick:package_analytics:04.0.0
-
cpe:2.3:a:sick:package_analytics:04.1.1
-
cpe:2.3:a:sick:package_analytics:4.6.1
-
cpe:2.3:a:sick:tire_analytics:-
-
cpe:2.3:a:sick:tire_analytics:4.6.1