Vulnerability Description
The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives. This could potentially reveal confidential information or allow others to take control of their computer while clicking on seemingly innocuous objects.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sick | Field Analytics | - |
| Sick | Media Server | < 1.5 |
Related Weaknesses (CWE)
References
- https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SIBroken Link
- https://sick.com/psirtVendor Advisory
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practicesUS Government Resource
- https://www.first.org/cvss/calculator/3.1Not Applicable
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.jsonVendor Advisory
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdfVendor Advisory
FAQ
What is CVE-2025-49192?
CVE-2025-49192 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user per...
How severe is CVE-2025-49192?
CVE-2025-49192 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-49192?
Check the references section above for vendor advisories and patch information. Affected products include: Sick Field Analytics, Sick Media Server.