CVE-2025-49194
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-06-12
Last updated on: 2026-01-26
Assigner: SICK AG
Description
Description
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sick | media_server | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs because the server supports authentication methods that send credentials in plaintext over unencrypted channels. This means that if an attacker intercepts the communication between a client and the server, they can capture and read the credentials easily.
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to credential exposure, allowing attackers to gain unauthorized access to user accounts or systems by intercepting plaintext credentials during authentication.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70