Vulnerability in Sick Baggage_analytics
CVE-2025-9914
The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.
EPSS: 0.003 (20.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Sick Baggage_analytics
- Sick Logistic_diagnostic_analytics
- Sick Package_analytics
- Sick Tire_analytics
- Sick Ag Baggage Analytics — versions all versions, 0
- Sick Ag Logistic Diagnostic Analytics — versions all versions, 0
- Sick Ag Package Analytics — versions all versions, 0
- Sick Ag Tire Analytics — versions all versions, 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- psirt@sick.de (x_SICK PSIRT Security Advisories, Vendor Advisory)
- psirt@sick.de (x_SICK Operating Guidelines, Product)
- psirt@sick.de (US Government Resource, x_ICS-CERT recommended practices on Industrial Security)
- psirt@sick.de (x_CVSS v3.1 Calculator, Not Applicable)
- psirt@sick.de (x_The canonical URL., Vendor Advisory)
- psirt@sick.de (vendor-advisory, Vendor Advisory)
Frequently asked questions
- What is CVE-2025-9914?
- CVE-2025-9914 is a medium-severity vulnerability in Sick Baggage_analytics, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 4.3/10. Published 2025-10-06.
- How severe is CVE-2025-9914?
- Medium severity. CVSS v3 base score is 4.3 out of 10.
- Is CVE-2025-9914 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.