Vulnerability Description
The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sick | Tloc100-100 Firmware | < 7.1.1 |
| Sick | Tloc100-100 | - |
Related Weaknesses (CWE)
References
- https://sick.com/psirtVendor Advisory
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practicesUS Government Resource
- https://www.first.org/cvss/calculator/3.1Not Applicable
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.jsonVendor Advisory
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdfVendor Advisory
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidProduct
FAQ
What is CVE-2025-59460?
CVE-2025-59460 is a vulnerability with a CVSS score of 7.5 (HIGH). The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.
How severe is CVE-2025-59460?
CVE-2025-59460 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-59460?
Check the references section above for vendor advisories and patch information. Affected products include: Sick Tloc100-100 Firmware, Sick Tloc100-100.