CVE-2026-22910
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: SICK AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sick_ag | tdc-x401gl | to 1.4.0 (exc) |
| sick_ag | meac300 | * |
| sick_ag | lector8xx | * |
| sick_ag | inspectorp8xx | * |
| sick_ag | dl100-2xxxxxxx | * |
| sick_ag | flexi_compact | * |
| sick_ag | picoscan | * |
| sick_ag | multiscan | * |
| sick_ag | field_analytics | * |
| sick_ag | media_server | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1391 | The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the device being deployed with weak and publicly known default passwords for certain hidden user levels. This weakness increases the risk of unauthorized access to the system, posing a high risk to the system's integrity.
How can this vulnerability impact me? :
The vulnerability can allow unauthorized users to gain access to hidden user levels on the device due to weak default passwords. This unauthorized access threatens the integrity of the system, potentially allowing attackers to manipulate or interfere with system operations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided resources do not include specific commands or direct detection methods for this vulnerability. However, general best practices for detecting unauthorized access due to weak or default passwords include monitoring for unusual login attempts, scanning for devices with default credentials, and auditing user accounts for hidden or undocumented users. Network monitoring and device inventory management as described in the SICK Operating Guidelines can help detect unauthorized access or configuration changes. For detailed detection commands or tools, consult the vendor's security advisories or implement network and system monitoring solutions tailored to your environment. [4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include changing the weak and publicly known default passwords for all hidden user levels on the affected devices to strong, unique passwords. Additionally, implement network segmentation and restrict network access to the device to minimize exposure. Follow the cybersecurity best practices outlined in the SICK Operating Guidelines, such as using firewalls, access controls, and monitoring. Contact SICK PSIRT for any available security advisories or updates. Since this vulnerability involves default credentials, ensuring that default passwords are replaced is critical to prevent unauthorized access. [1, 4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability involves weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access and posing a high risk to system integrity. Such unauthorized access risks can lead to non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity. However, the provided resources do not explicitly discuss the impact of this specific vulnerability on compliance with these standards or regulations.