Outdated Operating System Vulnerability in SICK Devices
CVE-2025-10561

9.3CRITICAL

Key Information:

Vendor

Sick Ag

Status
Tloc100-100 All Firmware Versions
Vendor
CVE Published:
27 October 2025

What is CVE-2025-10561?

Devices manufactured by SICK may be at risk due to their reliance on outdated operating systems. This situation creates an exposure to known vulnerabilities that could potentially be exploited, putting sensitive data and operations at risk. Organizations are encouraged to regularly update their device operating systems to the latest versions, adhere to industry best practices in cybersecurity, and follow guidelines provided by SICK and other security institutions to mitigate these risks.

Affected Version(s)

TLOC100-100 all Firmware all versions

References

https://sick.com/psirt
x_SICK PSIRT Security Advisories
https://www.sick.com/media/docs/9/19/719/special_informat...
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recomm...
x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.