CVE-2025-49182

EPSS 0.1%
Veröffentlicht 12.06.2025 13:15:02
Zuletzt bearbeitet 29.01.2026 17:59:50
Quelle psirt@sick.de
CVE-Watchlists
Login
Unerledigt
Login

Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sick ≫ Media Server Version < 1.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.283

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
psirt@sick.de	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-540 Inclusion of Sensitive Information in Source Code

Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.

https://sick.com/psirt

Vendor Advisory

https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

Broken Link

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

US Government Resource

https://www.first.org/cvss/calculator/3.1

Not Applicable

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json

Vendor Advisory

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-49182

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-49182

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-49182

EUVD