CVE-2025-27593
RCE due to Device Driver
The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Productos afectados
SICK AG · SICK DL100-2xxxxxxx¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDFhttps://github.security.telekom.com/2025/03/multiple-vulnerabilities-in-sick-dl100.htmlhttps://sick.com/psirthttps://www.cisa.gov/resources-tools/resources/ics-recommended-practiceshttps://www.first.org/cvss/calculator/3.1https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0004.jsonhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0004.pdf