CVE-2025-49196

medium

Description

A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.

References

Advisories
More

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json

https://www.first.org/cvss/calculator/3.1

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

https://sick.com/psirt

https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

Details

Source: Mitre, NVD

Published: 2025-06-12

Updated: 2025-06-12

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00024