CVE-2025-27593

RCE due to Device Driver

Description

The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.

INFO

Published Date :

2025-03-14T12:46:58.946Z

Last Modified :

2025-03-14T13:36:49.059Z

Source :

SICK AG

AFFECTED PRODUCTS

The following products are affected by CVE-2025-27593 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-27593.

URL	Resource
https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
https://github.security.telekom.com/2025/03/multiple-vulnerabilities-in-sick-dl100.html
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0004.json
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0004.pdf

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact