CVE-2026-22916

EPSS 0.05%
Veröffentlicht 15.01.2026 13:16:06
Zuletzt bearbeitet 23.01.2026 15:13:01
Quelle psirt@sick.de
CVE-Watchlists
Login
Unerledigt
Login

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sick ≫ Tdc-x401gl Firmware

Sick ≫ Tdc-x401gl Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.16

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	2.8	2.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
psirt@sick.de	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-266 Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

https://sick.com/psirt

Vendor Advisory

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

US Government Resource

https://www.first.org/cvss/calculator/3.1

Not Applicable

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

Product

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json

Vendor Advisory

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-22916

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22916

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22916

EUVD