CVE-2025-9914

EPSS 0.06%
Veröffentlicht 06.10.2025 06:45:59
Zuletzt bearbeitet 29.01.2026 01:56:06
Quelle psirt@sick.de
CVE-Watchlists
Login
Unerledigt
Login

The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sick ≫ Baggage Analytics

Sick ≫ Logistic Diagnostic Analytics

Sick ≫ Package Analytics

Sick ≫ Tire Analytics

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.179

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@sick.de	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

https://sick.com/psirt

Vendor Advisory

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

US Government Resource

https://www.first.org/cvss/calculator/3.1

Not Applicable

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

Product

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json

Vendor Advisory

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-9914

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-9914

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-9914

EUVD