Search
Find a vulnerability
Search criteria
2 vulnerabilities found for TLOC100-100 by SICK AG
CVE-2025-59459 (GCVE-0-2025-59459)
Vulnerability from nvd – Published: 2025-10-27 10:09 – Updated: 2026-02-27 08:33
VLAI
Title
Denial-of-service (DoS) via resource consumption
Summary
An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Security Advisories |
| https://www.sick.com/media/docs/9/19/719/special_… | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2025/… | x_The canonical URL. |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SICK AG | TLOC100-100 |
Affected:
0 , < <7.1.1
(custom)
|
|
| SICK AG | TLOC100-100 |
Unaffected:
>=7.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T13:20:12.147235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T13:20:18.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "TLOC100-100",
"vendor": "SICK AG",
"versions": [
{
"lessThan": "\u003c7.1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLOC100-100",
"vendor": "SICK AG",
"versions": [
{
"status": "unaffected",
"version": "\u003e=7.1.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.\u003c/p\u003e"
}
],
"value": "An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T08:33:45.879Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_SICK PSIRT Security Advisories"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_SICK Operating Guidelines"
],
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"x_The canonical URL."
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers are strongly recommended to upgrade to the latest release of TLOC100-100 (\u0026gt;= 7.1.1).\u003c/p\u003e"
}
],
"value": "Users are strongly recommended to upgrade to the latest release of TLOC100-100 (\u003e= 7.1.1)."
}
],
"source": {
"advisory": "SCA-2025-0013",
"discovery": "INTERNAL"
},
"title": "Denial-of-service (DoS) via resource consumption",
"x_generator": {
"engine": "csaf2cve 0.2.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2025-59459",
"datePublished": "2025-10-27T10:09:03.229Z",
"dateReserved": "2025-09-16T13:38:29.663Z",
"dateUpdated": "2026-02-27T08:33:45.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59459 (GCVE-0-2025-59459)
Vulnerability from cvelistv5 – Published: 2025-10-27 10:09 – Updated: 2026-02-27 08:33
VLAI
Title
Denial-of-service (DoS) via resource consumption
Summary
An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Security Advisories |
| https://www.sick.com/media/docs/9/19/719/special_… | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2025/… | x_The canonical URL. |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SICK AG | TLOC100-100 |
Affected:
0 , < <7.1.1
(custom)
|
|
| SICK AG | TLOC100-100 |
Unaffected:
>=7.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T13:20:12.147235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T13:20:18.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "TLOC100-100",
"vendor": "SICK AG",
"versions": [
{
"lessThan": "\u003c7.1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TLOC100-100",
"vendor": "SICK AG",
"versions": [
{
"status": "unaffected",
"version": "\u003e=7.1.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.\u003c/p\u003e"
}
],
"value": "An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T08:33:45.879Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_SICK PSIRT Security Advisories"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_SICK Operating Guidelines"
],
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"x_The canonical URL."
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers are strongly recommended to upgrade to the latest release of TLOC100-100 (\u0026gt;= 7.1.1).\u003c/p\u003e"
}
],
"value": "Users are strongly recommended to upgrade to the latest release of TLOC100-100 (\u003e= 7.1.1)."
}
],
"source": {
"advisory": "SCA-2025-0013",
"discovery": "INTERNAL"
},
"title": "Denial-of-service (DoS) via resource consumption",
"x_generator": {
"engine": "csaf2cve 0.2.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2025-59459",
"datePublished": "2025-10-27T10:09:03.229Z",
"dateReserved": "2025-09-16T13:38:29.663Z",
"dateUpdated": "2026-02-27T08:33:45.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}