CVE-2025-59463 – This vulnerability allows attackers to cause ch... (How to Fix)

Q: What is the severity of CVE-2025-59463?

CVE-2025-59463 has a CVSS score of 4.3 (MEDIUM). This vulnerability allows attackers to cause chunk-size mismatches during file transfers, blocking current transfers and preventing subsequent ones. It affects systems using vulnerable file transfer protocols or services, particularly in industrial control systems where SICK products are deployed.

📋 TL;DR

This vulnerability allows attackers to cause chunk-size mismatches during file transfers, blocking current transfers and preventing subsequent ones. It affects systems using vulnerable file transfer protocols or services, particularly in industrial control systems where SICK products are deployed.

💻 Affected Systems

Products:

SICK industrial devices and software with vulnerable file transfer components

Versions: Specific versions not detailed in provided references; consult SICK advisory for exact affected versions

Operating Systems: Embedded systems and industrial controllers running SICK software

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems using the vulnerable file transfer protocol implementation; exact configurations require checking vendor advisory.

📦 What is this software?

Tloc100 100 Firmware by Sick

View all CVEs affecting Tloc100 100 Firmware →

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of file transfer services leading to operational disruption in industrial environments where file transfers are critical for configuration updates or data collection.

🟠

Likely Case

Temporary disruption of file transfer operations requiring manual intervention to restore service, potentially causing minor operational delays.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring allowing quick detection and remediation of attack attempts.

🌐 Internet-Facing: MEDIUM - Systems exposed to internet could be targeted for denial of service attacks on file transfer services.

🏢 Internal Only: LOW - Requires internal network access and knowledge of vulnerable systems, making exploitation less likely in properly segmented networks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires understanding of file transfer protocols and ability to manipulate chunk sizes during transfers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check SICK advisory SCA-2025-0013 for specific patched versions

Vendor Advisory: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json

Restart Required: No

Instructions:

1. Review SICK advisory SCA-2025-0013. 2. Identify affected products and versions. 3. Apply vendor-provided patches or firmware updates. 4. Test file transfer functionality after patching.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate file transfer services to internal networks only, preventing external access to vulnerable components.

Transfer Monitoring

all

Implement monitoring for abnormal file transfer patterns or repeated transfer failures.

🧯 If You Can't Patch

Implement strict network access controls to limit who can initiate file transfers
Deploy intrusion detection systems to monitor for chunk-size manipulation attempts

🔍 How to Verify

Check if Vulnerable:

Check system version against SICK advisory SCA-2025-0013 and verify if using vulnerable file transfer components.

Check Version:

Consult device documentation or web interface for firmware/software version information

Verify Fix Applied:

Test file transfer functionality with various file sizes and monitor for successful completions without blocking subsequent transfers.

📡 Detection & Monitoring

Log Indicators:

Multiple failed file transfer attempts
Abnormal chunk size values in transfer logs
File transfer service restarts

Network Indicators:

Unusual patterns in file transfer protocol traffic
Repeated connection attempts to file transfer ports

SIEM Query:

source="file_transfer_logs" AND (event="transfer_failed" OR event="chunk_error") | stats count by src_ip

📊 Metadata

CVE ID: CVE-2025-59463

CVSS v3 Score: 4.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-833

EPSS Score: 0.09% exploit probability (25.7th percentile)

Published: October 27, 2025

Last Updated: November 3, 2025

🔗 References

https://sick.com/psirt Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices US Government Resource
https://www.first.org/cvss/calculator/3.1 Not Applicable
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.json Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0013.pdf Vendor Advisory
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-59463, you might also want to check these: