Impact
The vulnerability stems from the application returning detailed error messages that expose internal system information such as file paths, database error details, and software version identifiers. This information disclosure gives an attacker or an uninformed user valuable reconnaissance data that can be used to map the application's internal structure and identify additional, more critical weaknesses. The direct impact is a breach of confidentiality, providing attackers with knowledge that could facilitate subsequent attacks.
Affected Systems
SICK AG Incoming Goods Suite is affected. Specific affected versions are not listed; any installation that exposes detailed error messages in its user interface is considered vulnerable. Users running older releases prior to the recommended 1.2.1 patch should verify whether their deployments generate informative error output.
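One way to carry out the verification suggested above, as an added example that is not part of the advisory or the vendor's own code: it scans captured error-response bodies for the three kinds of detail named under Impact. The regular expressions, function names and sample responses are constructed assumptions and should be tuned to the deployment's actual stack.

```python
import re

# Illustrative patterns for the three leak categories the advisory names.
# These are assumptions for the example, not vendor-published signatures.
LEAK_PATTERNS = {
    "file_path": re.compile(
        r"[A-Za-z]:\\(?:[\w.-]+\\)*[\w.-]+"            # Windows-style path
        r"|/(?:var|usr|opt|home|etc|srv)/[\w./-]+"     # common Unix roots
    ),
    "database_error": re.compile(
        r"SQLSTATE\[\w+\]|ORA-\d{5}|SQLException"
        r"|syntax error at or near|error in your SQL syntax",
        re.IGNORECASE,
    ),
    "version_identifier": re.compile(
        r"\b(?:Apache|nginx|Tomcat|PostgreSQL|MySQL|PHP)[/ ]v?\d+(?:\.\d+)+",
        re.IGNORECASE,
    ),
}


def find_leaks(body: str) -> dict:
    """Return {category: [matched strings]} for each category found in body."""
    findings = {}
    for category, pattern in LEAK_PATTERNS.items():
        matches = pattern.findall(body)
        if matches:
            findings[category] = matches
    return findings


def audit(responses: dict) -> list:
    """Return the labels of responses whose body leaks internal detail."""
    return sorted(label for label, body in responses.items() if find_leaks(body))


# Constructed sample bodies: one verbose error page, one generic one.
VERBOSE = (
    "500 Internal Server Error\n"
    'SQLSTATE[42P01]: relation "orders" does not exist\n'
    "  at /opt/app/lib/db/query.py line 88\n"
    "Server: nginx/1.18.0\n"
)
GENERIC = "An unexpected error occurred. Reference ID: 7f3a9c21"

if __name__ == "__main__":
    for label, body in {"verbose": VERBOSE, "generic": GENERIC}.items():
        print(label, find_leaks(body) or "no internal detail found")
```

A response that passes this check shows only a generic message and an opaque reference ID, with the detail kept in server-side logs.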
Risk and Exploitability
The CVSS score of 4.3 indicates moderate severity, and the EPSS score of less than 1% reflects a very low probability of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote via the exposed web or application interface, though a local attack could also trigger the detailed error messages if inputs are mishandled. Overall, the risk profile is moderate with a low exploitation probability, but the informational value to an attacker warrants prompt mitigation.
OpenCVE Enrichment