Improper Login Parameter Validation in SICK Products
CVE-2026-22912

4.3MEDIUM

Key Information:

Vendor

Sick Ag

Status
Tdc-x401gl
Vendor
CVE Published:
15 January 2026

What is CVE-2026-22912?

The vulnerability arises from improper validation of login parameters in certain SICK products, potentially allowing attackers to redirect authenticated users to malicious websites. This misconfiguration poses a significant risk as it could enable unauthorized access, leading to the compromise of sensitive credentials from unsuspecting users, thereby increasing the potential for broader security incidents.

Affected Version(s)

TDC-X401GL 0

References

https://sick.com/psirt
x_SICK PSIRT Security Advisories
https://www.sick.com/media/docs/9/19/719/special_informat...
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recomm...
x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.