CVE-2026-22919
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: SICK AG

Description
An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data.
Meta Information
Published: 2026-01-15
Last Modified: 2026-01-15
Generated: 2026-05-07
AI Q&A: 2026-01-15
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 10 associated CPEs
Vendor     Product            Version / Range
sick_ag    tdc-x401gl         to 1.4.0 (exc)
sick_ag    meac300            *
sick_ag    lector8xx          *
sick_ag    inspectorp8xx      *
sick_ag    dl100-2xxxxxxx     *
sick_ag    flexi_compact      *
sick_ag    picoscan           *
sick_ag    multiscan          *
sick_ag    field_analytics    *
sick_ag    media_server       *
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability allows an attacker who already has administrative access to inject malicious content into the login page of the affected product. This injection can enable cross-site scripting (XSS) attacks, which may lead to the extraction of sensitive data from users interacting with the login page.


How can this vulnerability impact me?

The vulnerability can impact you by allowing an attacker to perform cross-site scripting (XSS) attacks on the login page, potentially leading to the theft or exposure of sensitive data. Since the attacker needs administrative access to inject malicious content, the risk involves misuse of privileges to compromise user data confidentiality and integrity.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The provided resources do not include specific commands or direct detection methods for this vulnerability. However, general best practices for detecting unauthorized changes or malicious content injection include continuous device inventory, configuration snapshots, and activity monitoring to detect unauthorized changes, as well as monitoring network traffic for anomalies. Using Web Application Firewalls (WAF) can help detect and prevent cross-site scripting (XSS) attacks. For detailed detection commands or scripts, consulting SICK PSIRT advisories or security guidelines may be necessary. [4, 1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting administrative access to the device to trusted personnel only, implementing strong access controls, and monitoring for unauthorized changes to the login page. Employing network segmentation, firewalls, and Web Application Firewalls (WAF) can help limit exposure and prevent exploitation of cross-site scripting vulnerabilities. Contacting SICK PSIRT for any available security advisories or patches is recommended. Since this vulnerability involves malicious content injection by an attacker with administrative access, ensuring that administrative credentials are secure and that the system is monitored for suspicious activity is critical. [4, 1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows an attacker with administrative access to inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks that could lead to the extraction of sensitive data. Such exposure of sensitive data could negatively impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches. Therefore, this vulnerability poses a risk to maintaining compliance with these standards by potentially compromising confidentiality and integrity of sensitive data. [4]

