CVE-2025-49186

MEDIUM 5.3

No brute-force protection

CVSS Score

5.3

EPSS Score

0.3%

EPSS Percentile

52th

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks.

CWE	CWE-307
Vendor	sick ag
Product	field analytics
Published	Jun 12, 2025
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for sick ag field analytics

Be the first to know when new medium vulnerabilities affecting sick ag field analytics are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected Versions

SICK AG / Field Analytics

all versions

SICK AG / Baggage Analytics

0 < 4.6.3

SICK AG / Tire Analytics

0 < 4.6.3

SICK AG / Package Analytics

0 < 4.6.3

SICK AG / Logistic Diagnostic Analytics

0 < 4.6.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

sick.com: https://sick.com/psirt cdn.sick.com: https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF cisa.gov: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices first.org: https://www.first.org/cvss/calculator/3.1 sick.com: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf sick.com: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json