CVE-2026-22910

Critical

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized…

SICK AG·CWE-1391·Published 2026-01-15

CVSS

9.1

EPSS

0.00

KEV

Exploits

Vendor statements (1)

sick.com

cve.orgen

205 chars

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.

NVDes

242 chars

El dispositivo se despliega con contraseñas predeterminadas débiles y públicamente conocidas para ciertos niveles de usuario ocultos, aumentando el riesgo de acceso no autorizado. Esto representa un alto riesgo para la integridad del sistema.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N