7.5

CVE-2026-22646

EPSS 0.04%
Veröffentlicht 15.01.2026 13:15:01
Zuletzt bearbeitet 29.01.2026 16:18:21
Quelle psirt@sick.de
CVE-Watchlists
Login
Unerledigt
Login

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sick ≫ Incoming Goods Suite Version < 1.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.126

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@sick.de	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

https://sick.com/psirt

Vendor Advisory

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

US Government Resource

https://www.first.org/cvss/calculator/3.1

Not Applicable

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

Product

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json

Vendor Advisory

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-22646

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22646

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22646

EUVD