CVE-2025-27593

Summary

The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.

Affected Software

VendorProductVersion RangeStatus
SICK AGSICK DL100-2xxxxxxxall versionsaffected

Weaknesses

  • CWE-494: CWE-494 Download of Code Without Integrity Check

Workarounds

Please make sure that you apply general security practices when operating the products. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References