SICK TDC-X401GL Vulnerability Exposing Password Hashes in Firmware Update Files

Vulnerability

A vulnerability exists in the SICK TDC-X401GL product in which firmware update files may inadvertently reveal password hashes for system accounts. This exposure could enable remote attackers to recover credentials and gain unauthorized access to the device. The vulnerability affects all firmware versions of the SICK TDC-X401GL.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the device, allowing attackers to manipulate system data or functions.

Remediation

Ensure that only trusted entities have access to the device. Additionally, users should follow the SICK Operating Guidelines and the ICS-CERT recommended practices on Industrial Security to mitigate the associated security risks.
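
For teams that build or review firmware images, the class of exposure described under Vulnerability can be checked for before an update file is published. The following is an added example, not SICK's code or tooling: it assumes the accounts are stored as crypt(3)-style entries in a shadow-format file, which the advisory does not state, and the sample entries and function names are constructed for illustration.

```python
# Added example: audit shadow-format text from an unpacked firmware image.
# Assumption: accounts are crypt(3) entries (name:hash:...); the advisory
# does not say which format the affected firmware uses.
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}

def _scheme(value):
    parts = value.split("$")
    if value.startswith("$") and len(parts) >= 3:
        return SCHEMES.get(parts[1], "unknown($%s$)" % parts[1])
    return "des-or-unknown"  # e.g. traditional 13-character DES form

def classify(field):
    """Return (status, scheme) for the password field of one entry."""
    if field == "":
        return "empty", None  # account has no password set
    if field[0] in "!*":
        rest = field.lstrip("!*")
        if rest.startswith("$"):  # "!<hash>": locked, but the hash still ships
            return "locked-with-hash", _scheme(rest)
        return "locked", None
    return "hash", _scheme(field)

def audit(shadow_text):
    """Return (account, status, scheme) findings; hash values are not echoed."""
    findings = []
    for line in shadow_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        name, field = line.split(":")[:2]
        status, scheme = classify(field)
        if status != "locked":
            findings.append((name, status, scheme))
    return findings

# Constructed sample; the hash strings are placeholders, not real hashes.
SAMPLE = """root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
service:!$1$CONSTRUCTED$CONSTRUCTEDHASH:19000::::::
guest::19000:0:99999:7:::
legacy:abCONSTRUCTED1:19000::::::
"""

if __name__ == "__main__":
    for account, status, scheme in audit(SAMPLE):
        print(f"{account}: {status} ({scheme})")
```

Any finding other than a cleanly locked account means the image would distribute credential material to everyone who can obtain the update file, so a release pipeline can fail the build when `audit` returns a non-empty list.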

Added: Jan 15, 2026, 1:52 PM
Updated: Jan 15, 2026, 1:52 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 0.0
relevance: 2.0
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.