CVE-2025-0592 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SICK AG	CNA	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 40%

Common Weakness Enumeration

CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel
The software establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.

References

https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

https://sick.com/psirt

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

https://www.first.org/cvss/calculator/3.1

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.json

https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0002.pdf