CVE-2025-49196

low-risk
Published 2025-06-12

A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device.

Do I need to act?

-
0.16% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
NETWORK / HIGH complexity

Affected Products (1)

Field Analytics

Affected Vendors

Sick

References (6)

Broken Link https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SI...
Vendor Advisory https://sick.com/psirt
US Government Resource https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
Not Applicable https://www.first.org/cvss/calculator/3.1
Vendor Advisory https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
Vendor Advisory https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf
26
/ 100
low-risk
Severity 20/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal