What is CVE-2025-58580?

CVE-2025-58580 is a medium-severity vulnerability in Sick Enterprise_analytics, classified under Improper Output Neutralization for Logs. CVSS score: 6.5/10. Published 2025-10-06.

How severe is CVE-2025-58580?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Sick Enterprise_analytics

CVE-2025-58580

An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example.

EPSS: 0.003 (25.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L.

Affected products

Sick Enterprise_analytics
Sick Ag Enterprise Analytics — versions all versions

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

psirt@sick.de (x_SICK PSIRT Security Advisories, Vendor Advisory)
psirt@sick.de (x_SICK Operating Guidelines, Product)
psirt@sick.de (US Government Resource, x_ICS-CERT recommended practices on Industrial Security)
psirt@sick.de (x_CVSS v3.1 Calculator, Not Applicable)
psirt@sick.de (x_The canonical URL., Vendor Advisory)
psirt@sick.de (vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2025-58580?: CVE-2025-58580 is a medium-severity vulnerability in Sick Enterprise_analytics, classified under Improper Output Neutralization for Logs. CVSS score: 6.5/10. Published 2025-10-06.
How severe is CVE-2025-58580?: Medium severity. CVSS v3 base score is 6.5 out of 10.