CVE-2026-22910
CVE-2026-22910 is a high-severity vulnerability in Sick Tdc-x401gl Firmware with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-1391.
Key facts
- Severity: High (CVSS 3.x base score 7.5)
- EPSS exploit prediction: 0% (35th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-2809
- Weakness: CWE-1391
- Affected product: Sick Tdc-x401gl Firmware
- Published:
- Last modified:
Description
The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.
Frequently asked questions
- What is CVE-2026-22910?
- The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.
- How severe is CVE-2026-22910?
- CVE-2026-22910 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity none, and availability none.
- Is CVE-2026-22910 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (35th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2026-22910?
- CVE-2026-22910 affects Sick Tdc-x401gl Firmware. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2026-22910?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2026-22910 have an EU (EUVD) identifier?
- Yes. CVE-2026-22910 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-2809.
- When was CVE-2026-22910 published?
- CVE-2026-22910 was published on 2026-01-15 and last updated on 2026-06-17.
References
- https://sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.json
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0001.pdf
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Affected products (1)
- cpe:2.3:o:sick:tdc-x401gl_firmware:*:*:*:*:*:*:*:*
More vulnerabilities in Sick Tdc-x401gl Firmware
- CVE-2026-22907 — Critical (CVSS 9.9): An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system…
- CVE-2026-22908 — Critical (CVSS 9.1): Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially…
- CVE-2026-22909 — High (CVSS 7.5): Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete…
- CVE-2026-22911 — Medium (CVSS 5.3): Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover…
- CVE-2026-22918 — Medium (CVSS 4.3): An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions…
- CVE-2026-22917 — Medium (CVSS 4.3): Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
All CVEs affecting Sick Tdc-x401gl Firmware →
Other CWE-1391 vulnerabilities
- CVE-2025-67114 — Critical (CVSS 9.8): Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi…
- CVE-2026-22886 — Critical (CVSS 9.8): OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the…
- CVE-2025-30519 — Critical (CVSS 9.8): Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through…
- CVE-2025-6077 — Critical (CVSS 9.8): Partner Software's Partner Software Product and corresponding Partner Web application use the same default username and…
- CVE-2024-51978 — Critical (CVSS 9.8): An unauthenticated attacker who knows the target device's serial number, can generate the default administrator…
- CVE-2024-12728 — Critical (CVSS 9.8): A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than…