CNNVD-202506-1683 Information
CNNVD ID
CNNVD-202506-1683
Related CVE
- CNNVD Published: 2025-06-12
Description (Chinese)
SICK Field Analytics和SICK Media Server都是德国SICK公司的产品。SICK Field Analytics是一款用于评估制造数据的软件。SICK Media Server是一款媒体服务器。 SICK Field Analytics和SICK Media Server存在安全漏洞,该漏洞源于备份ZIP文件未签名,可能导致应用配置被篡改或流量重定向。
Description (English)
SICK Field Analytics and SICK Media Server are products of SICK Germany. SICK Field Analytics is a software for assessing manufacturing data. SICK Media Server is a media server. There is a security loophole between SICK Field Analytics and SICK Media Server, which stems from the non-signature of the backup ZIP file, which may result in the application configuration being tampered with or traffic redirected.
Hazard Level
Medium
Vulnerability Type
数据伪造问题
Affected Vendor
西克
Published
2025-06-12
Last Modified
2026-02-24
References
https://sick.com/psirt https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf https://www.first.org/cvss/calculator/3.1 https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json https://nvd.nist.gov/vuln/detail/CVE-2025-49199 https://access.redhat.com/security/cve/cve-2025-49199