CVE-2026-22913
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: SICK AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sick_ag | tdc-x401gl | to 1.4.0 (exc) |
| sick_ag | meac300 | * |
| sick_ag | lector8xx | * |
| sick_ag | inspectorp8xx | * |
| sick_ag | dl100-2xxxxxxx | * |
| sick_ag | flexi_compact | * |
| sick_ag | picoscan | * |
| sick_ag | multiscan | * |
| sick_ag | field_analytics | * |
| sick_ag | media_server | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper handling of a URL parameter that may allow attackers to execute code in a user's browser after login. This means that after a user logs in, an attacker could exploit this flaw to run malicious code within the user's browser session, potentially leading to unauthorized actions or data exposure.
How can this vulnerability impact me? :
The vulnerability can lead to the extraction of sensitive data from the user's browser. Since attackers can execute code after login, they might steal confidential information accessible in the browser session, potentially compromising user privacy and security.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided resources do not include specific commands or direct detection methods for this vulnerability (CVE-2026-22913). However, general best practices for detecting vulnerabilities in industrial networks include continuous device inventory, configuration snapshots, and activity monitoring to detect unauthorized changes, as well as network segmentation and traffic filtering to identify suspicious activity. For detailed detection commands or tools, consulting SICK PSIRT or their security advisories is recommended. [1, 4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying any available security advisories or patches from SICK PSIRT once released. General cybersecurity best practices involve network segmentation, use of firewalls, VPNs, access controls, and filtering outbound traffic to reduce attack surface. Since this vulnerability involves improper handling of URL parameters leading to code execution in the user's browser after login, ensuring secure web application practices and possibly using Web Application Firewalls (WAF) can help mitigate risk. Monitoring for updates from SICK PSIRT and following their recommended guidelines is essential. [1, 4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not explicitly discuss how CVE-2026-22913 affects compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows attackers to execute code in a user's browser after login and potentially extract sensitive data, it could pose risks related to data confidentiality and privacy, which are critical aspects of regulations like GDPR and HIPAA. Proper mitigation and security measures as outlined in SICK's cybersecurity guidelines would be necessary to maintain compliance, but no direct statements about compliance impact are given. [4]