Primary

Context

SICK TLOC100-100 Denial-of-Service Vulnerability via C++ CLI Client Tampering

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the SICK TLOC100-100 product, all firmware versions. An attacker who manipulates the C++ CLI client can cause the UpdateService to crash during file transfers, disrupting the update process and overall availability of the service.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the UpdateService to crash and interrupting file transfers, which can disrupt the update process and availability of the service.

Remediation

Users are strongly recommended to upgrade to the latest release of TLOC100-100 (version 7.1.1 or later).

Added: Oct 27, 2025, 11:35 AM

Updated: Oct 27, 2025, 1:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SICK TLOC100-100 Denial-of-Service Vulnerability via C++ CLI Client Tampering

Vulnerability

Impact

Remediation

Affected Products

SICK TLOC100-100 Firmware

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating