SSH Access Vulnerability in SICK Industrial Products
CVE-2025-59459

5.5MEDIUM

Key Information:

Vendor: Sick Ag
Status: Tloc100-100 With Firmware <7.1.1; Tloc100-100 With Firmware >=7.1.1
Vendor: CVE Published:; 27 October 2025

🔔 Create Sick Ag Vulnerability Alert

What is CVE-2025-59459?

An attacker who successfully gains SSH access to a low-privileged account on SICK industrial products may disrupt critical services, including SSH, which could result in persistent service unavailability. This vulnerability highlights the importance of securing SSH access to prevent unauthorized manipulation and ensure continuity of services.

Affected Version(s)

TLOC100-100 with Firmware <7.1.1 0

TLOC100-100 with Firmware >=7.1.1 >=7.1.1

References

https://sick.com/psirt

x_SICK PSIRT Security Advisories

https://www.sick.com/media/docs/9/19/719/special_informat...

x_SICK Operating Guidelines

https://www.cisa.gov/resources-tools/resources/ics-recomm...

x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2025
Vulnerability Reserved
Sep 16, 2025

.