Remote Data Access Vulnerability in SICK Products
CVE-2025-59461

7.6HIGH

Key Information:

Vendor: Sick Ag
Status: Tloc100-100 All Firmware Versions
Vendor: CVE Published:; 27 October 2025

🔔 Create Sick Ag Vulnerability Alert

What is CVE-2025-59461?

A vulnerability exists within SICK industrial products that allows remote unauthenticated attackers to access and potentially modify sensitive data through the C++ API. This can lead to service disruptions, posing a significant risk to data integrity and operational stability.

Affected Version(s)

TLOC100-100 all Firmware all versions

References

https://sick.com/psirt

x_SICK PSIRT Security Advisories

https://www.sick.com/media/docs/9/19/719/special_informat...

x_SICK Operating Guidelines

https://www.cisa.gov/resources-tools/resources/ics-recomm...

x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2025
Vulnerability Reserved
Sep 16, 2025

.