XSS Vulnerability in SICK Login Pages Affects SICK Products
CVE-2026-22919

3.8LOW

Key Information:

Vendor: Sick Ag
Status: Tdc-x401gl
Vendor: CVE Published:; 15 January 2026

🔔 Create Sick Ag Vulnerability Alert

What is CVE-2026-22919?

An XSS vulnerability exists in the login pages of SICK products that allows an attacker with administrative privileges to inject malicious scripts. This exploitation could lead to the unauthorized extraction of sensitive user data and compromise the security of the system, making it crucial for users to implement updated security measures.

Affected Version(s)

TDC-X401GL 0

References

https://sick.com/psirt

x_SICK PSIRT Security Advisories

https://www.sick.com/media/docs/9/19/719/special_informat...

x_SICK Operating Guidelines

https://www.cisa.gov/resources-tools/resources/ics-recomm...

x_ICS-CERT recommended practices on Industrial Security

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2026
Vulnerability Reserved
Jan 13, 2026

CVE-2026-22919 Data

.