CVE-2025-49192 MEDIUM

CVE-2025-49192: Clickjacking

Vendor Sick Ag
Product SICK Field Analytics
Weakness CWE-1021
Published June 12, 2025
Last update June 12, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives. This could potentially reveal confidential information or allow others to take control of their computer while clicking on seemingly innocuous objects.

Key dates

02Disclosure timeline

June 12, 2025 CVE published
June 12, 2025 Record updated