Description
An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation.
Published: 2026-01-15
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Write Files / System Manipulation
Action: Apply Workaround
AI Analysis

Impact

The vulnerability allows an attacker who already has limited permissions on a SICK TDC‑X401GL device to write files to specific locations, which could be used to alter system behavior or compromise device integrity. This can lead to unauthorized configuration changes, persistence mechanisms, or further privilege escalation. The weakness is identified as CWE‑266, indicating insufficient privilege checks for file write operations.

Affected Systems

SICK AG TDC‑X401GL devices, specifically the versions listed in the CNA entry. The vulnerability was reported for the device’s firmware and hardware platform, but no specific firmware version numbers are provided in the available data.

Risk and Exploitability

The CVSS base score of 4.3 reflects a moderate risk, and the EPSS score of less than 1% indicates a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The likely attack path requires the attacker to first obtain some level of access to the device – for example, a legitimate user account or a compromised service – and then exploit the insufficient privilege checks to write to protected locations.

Generated by OpenCVE AI on April 18, 2026 at 06:10 UTC.

Remediation

Vendor Workaround

Upon completion of the initial device setup, deactivate AppEngine. Disabling it fully mitigates this vulnerability.

OpenCVE Recommended Actions

  • Deactivate AppEngine on the device after initial setup as the CNA workaround, which fully mitigates the issue.
  • Restrict user accounts to the minimum permissions required and ensure no account has write access to critical directories.
  • Monitor the device file system and audit logs for unexpected write activity to detect potential exploitation.

Generated by OpenCVE AI on April 18, 2026 at 06:10 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Title Limited Permissions Permit File Write and System Manipulation

Fri, 23 Jan 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Sick
Sick tdc-x401gl
Sick tdc-x401gl Firmware
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:h:sick:tdc-x401gl:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:tdc-x401gl_firmware:*:*:*:*:*:*:*:*
Vendors & Products Sick
Sick tdc-x401gl
Sick tdc-x401gl Firmware

Mon, 19 Jan 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Sick Ag
Sick Ag tdc-x401gl
Vendors & Products Sick Ag
Sick Ag tdc-x401gl

Thu, 15 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 15 Jan 2026 13:15:00 +0000

Type Values Removed Values Added
Description An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation.
Weaknesses CWE-266
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Subscriptions

Sick Tdc-x401gl Tdc-x401gl Firmware
Sick Ag Tdc-x401gl
cve-icon MITRE

Status: PUBLISHED

Assigner: SICK AG

Published:

Updated: 2026-01-15T16:38:01.091Z

Reserved: 2026-01-13T09:11:11.448Z

Link: CVE-2026-22914

cve-icon Vulnrichment

Updated: 2026-01-15T16:37:58.181Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-15T13:16:06.250

Modified: 2026-01-23T15:27:45.867

Link: CVE-2026-22914

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T06:15:15Z

Weaknesses