XSS Vulnerability in SICK Login Pages Affects SICK Products
CVE-2026-22919

3.8LOW

Key Information:

Vendor

Sick Ag

Status
Tdc-x401gl
Vendor
CVE Published:
15 January 2026

What is CVE-2026-22919?

An XSS vulnerability exists in the login pages of SICK products that allows an attacker with administrative privileges to inject malicious scripts. This exploitation could lead to the unauthorized extraction of sensitive user data and compromise the security of the system, making it crucial for users to implement updated security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TDC-X401GL 0

References

https://sick.com/psirt
x_SICK PSIRT Security Advisories
https://www.sick.com/media/docs/9/19/719/special_informat...
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recomm...
x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:
3.8
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.