CVE-2025-58589
Information Disclosure Through Stacktrace
When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker thus receives information about the technology used and the structure of the application.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Productos afectados
SICK AG · Baggage AnalyticsSICK AG · Logistic Diagnostic AnalyticsSICK AG · Package AnalyticsSICK AG · Tire Analytics¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://sick.com/psirthttps://www.cisa.gov/resources-tools/resources/ics-recommended-practiceshttps://www.first.org/cvss/calculator/3.1https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdfhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.jsonhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf