CVE-2025-49193 Information

Description

The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g. preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).

Reference

https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf

Related CNNVD

CNNVD-202506-1675 (Published: 2025-06-12)