CVE-2025-49183

Unencrypted communication (HTTP)

Description

All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.

INFO

Published Date :

2025-06-12T13:21:57.463Z

Last Modified :

2025-06-13T08:18:11.333Z

Source :

SICK AG

AFFECTED PRODUCTS

The following products are affected by CVE-2025-49183 vulnerability.

Vendors	Products
Sick	Media Server

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-49183.

URL	Resource
https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact