Unauthorized Access Risk in SICK Products
CVE-2026-22907

9.9CRITICAL

Key Information:

Vendor: Sick Ag
Status: Tdc-x401gl
Vendor: CVE Published:; 15 January 2026

🔔 Create Sick Ag Vulnerability Alert

What is CVE-2026-22907?

The vulnerability found in SICK products poses a risk of unauthorized access to the host filesystem. This flaw could enable an attacker to read and manipulate system data, potentially compromising sensitive information and disrupting operations. Organizations are encouraged to review their security measures and apply the latest updates to mitigate this risk effectively.

Affected Version(s)

TDC-X401GL 0

References

https://sick.com/psirt

x_SICK PSIRT Security Advisories

https://www.sick.com/media/docs/9/19/719/special_informat...

x_SICK Operating Guidelines

https://www.cisa.gov/resources-tools/resources/ics-recomm...

x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2026
Vulnerability Reserved
Jan 13, 2026

CVE-2026-22907 Data

.