What is CVE-2025-49183?

CVE-2025-49183 is a high-severity vulnerability in Sick Media_server, classified under Cleartext Transmission of Sensitive Information. CVSS score: 7.5/10. Published 2025-06-12.

How severe is CVE-2025-49183?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Sick Media_server

CVE-2025-49183

All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.

EPSS: 0.003 (17.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Sick Media_server
Sick Ag Media Server — versions all versions

Weakness classification (CWE)

CWE-319 — Cleartext Transmission of Sensitive Information

References

psirt@sick.de (Vendor Advisory, x_SICK PSIRT Website)
psirt@sick.de (x_SICK Operating Guidelines, Broken Link)
psirt@sick.de (US Government Resource, x_ICS-CERT recommended practices on Industrial Security)
psirt@sick.de (x_CVSS v3.1 Calculator, Not Applicable)
psirt@sick.de (vendor-advisory, Vendor Advisory)
psirt@sick.de (vendor-advisory, x_csaf, Vendor Advisory)

Frequently asked questions

What is CVE-2025-49183?: CVE-2025-49183 is a high-severity vulnerability in Sick Media_server, classified under Cleartext Transmission of Sensitive Information. CVSS score: 7.5/10. Published 2025-06-12.
How severe is CVE-2025-49183?: High severity. CVSS v3 base score is 7.5 out of 10.