CVE-2026-22916

Summary

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.

Affected Software

VendorProductVersion RangeStatus
SICK AGTDC-X401GLall versionsaffected

Weaknesses

  • CWE-266: CWE-266 Incorrect Privilege Assignment

Workarounds

Upon completion of the initial device setup, deactivate AppEngine. Disabling it fully mitigates this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References