CVE-2025-59460 HIGH

CVE-2025-59460: Unsecure access configuration

Vendor Sick Ag
Product TLOC100-100 with Firmware <7.1.1
Weakness CWE-1391
Published October 27, 2025
Last update October 27, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Key dates

02Disclosure timeline

October 27, 2025 CVE published
October 27, 2025 Record updated