CNNVD-202506-1673 Information
CNNVD ID
CNNVD-202506-1673
Related CVE
- CNNVD Published: 2025-06-12
Description (Chinese)
SICK Field Analytics和SICK Media Server都是德国SICK公司的产品。SICK Field Analytics是一款用于评估制造数据的软件。SICK Media Server是一款媒体服务器。 SICK Field Analytics和SICK Media Server存在代码问题漏洞,该漏洞源于容易受到服务端请求伪造攻击,可能发送内部请求到其他端口。
Description (English)
SICK Field Analytics and SICK Media Server are products of SICK Germany. SICK Field Analytics is a software for assessing manufacturing data. SICK Media Server is a media server. SICK Field Analytics and SICK Media Server had a code gap, which stemmed from the vulnerability of the service to requests for false attacks and the possibility of sending internal requests to other ports.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
西克
Published
2025-06-12
Last Modified
2026-02-24
References
https://sick.com/psirt https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf https://www.first.org/cvss/calculator/3.1 https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json https://access.redhat.com/security/cve/cve-2025-49190 https://nvd.nist.gov/vuln/detail/CVE-2025-49190