CVE-2025-27595

Summary

The device uses a weak hashing alghorithm to create the password hash. Hence, a matching password can be easily calculated by an attacker. This impacts the security and the integrity of the device.

Affected Software

VendorProductVersion RangeStatus
SICK AGSICK DL100-2xxxxxxxall versionsaffected

Weaknesses

  • CWE-328: CWE-328 Use of Weak Hash

Workarounds

Please make sure that you apply general security practices when operating the products. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References