Description
An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.
Published: 2026-01-15
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Service Disruption
Action: Disable AppEngine
AI Analysis

Impact

An attacker who possesses low privileges may trigger critical system functions such as reboot or factory reset without adequate restrictions, leading to service disruption or loss of configuration. The flaw arises from inappropriate privilege checks, as indicated by CWE-266. As no arbitrary code execution is described, the impact is limited to availability and configuration integrity.

Affected Systems

SICK AG TDC-X401GL industrial controllers are affected. The vulnerability applies to the firmware that controls the AppEngine component; no specific firmware revision is cited, so all presently available TDC-X401GL versions are considered potentially vulnerable.

Risk and Exploitability

The CVSS score of 4.3 reflects a moderate security impact, and the EPSS score of less than 1% indicates a low probability of observed exploitation at the time of analysis. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack requires an attacker to have low privileges on the device, suggesting a local or network-based attack path that can be exercised by someone who can access the device's interface or control commands. This inference is drawn from the description, as the formal attack vector is not explicitly stated.

Generated by OpenCVE AI on April 18, 2026 at 16:11 UTC.

Remediation

Vendor Workaround

Upon completion of the initial device setup, deactivate AppEngine. Disabling it fully mitigates this vulnerability.

OpenCVE Recommended Actions

  • Disable AppEngine after initial device setup, which fully mitigates the vulnerability.
  • Apply any vendor-supplied firmware updates that include the fix once they become available.
  • Limit user privileges on the device and monitor for unauthorized attempts to trigger reboot or factory reset commands.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 16:30:00 +0000

Type    Values Removed    Values Added
Title                     Low-Privilege Reboot/Factory Reset in SICK TDC-X401GL Controllers

Fri, 23 Jan 2026 15:15:00 +0000

Type                 Values Removed    Values Added
First Time appeared                    Sick
                                       Sick tdc-x401gl
                                       Sick tdc-x401gl Firmware
Weaknesses                             NVD-CWE-Other
CPEs                                   cpe:2.3:h:sick:tdc-x401gl:-:*:*:*:*:*:*:*
                                       cpe:2.3:o:sick:tdc-x401gl_firmware:*:*:*:*:*:*:*:*
Vendors & Products                     Sick
                                       Sick tdc-x401gl
                                       Sick tdc-x401gl Firmware

Fri, 16 Jan 2026 14:15:00 +0000

Type                 Values Removed    Values Added
First Time appeared                    Sick Ag
                                       Sick Ag tdc-x401gl
Vendors & Products                     Sick Ag
                                       Sick Ag tdc-x401gl

Thu, 15 Jan 2026 17:15:00 +0000

Type       Values Removed    Values Added
Metrics                      ssvc
                             {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 15 Jan 2026 13:15:00 +0000

Type          Values Removed    Values Added
Description                     An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.
Weaknesses                      CWE-266
References
Metrics                         cvssV3_1
                                {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}

MITRE

Status: PUBLISHED

Assigner: SICK AG

Published:

Updated: 2026-01-15T16:55:42.554Z

Reserved: 2026-01-13T09:11:11.448Z

Link: CVE-2026-22916

Vulnrichment

Updated: 2026-01-15T16:54:15.657Z

NVD

Status: Analyzed

Published: 2026-01-15T13:16:06.527

Modified: 2026-01-23T15:13:01.380

Link: CVE-2026-22916

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T16:15:04Z

Weaknesses