CVE-2025-59459 - Vulnerability Details

An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Sick	Tloc100-100

No data.

References

Link	Providers
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

History

Mon, 27 Oct 2025 22:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sick Sick tloc100-100
Vendors & Products		Sick Sick tloc100-100

Mon, 27 Oct 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 27 Oct 2025 10:30:00 +0000

Type	Values Removed	Values Added
Description		An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.
Title		Denial-of-service (DoS) via resource consumption
Weaknesses		CWE-770
References		https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: SICK AG

Published: 2025-10-27T10:09:03.229Z

Updated: 2025-10-27T13:20:18.768Z

Reserved: 2025-09-16T13:38:29.663Z

Link: CVE-2025-59459

Vulnrichment

Updated: 2025-10-27T13:20:15.357Z

NVD

Status : Awaiting Analysis

Published: 2025-10-27T11:15:40.600

Modified: 2025-10-27T13:19:49.063

Link: CVE-2025-59459

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object