CVE-2026-22645

5.3 MEDIUM

📋 TL;DR

This vulnerability lets an unauthenticated attacker read a detailed inventory of the software components, versions, and licenses used by the application. On its own it is an information disclosure (the 5.3 score is consistent with a confidentiality-only impact reachable over the network without credentials), but the inventory lets an attacker match each component against public vulnerability data and aim follow-on attacks precisely instead of probing blindly. Any system running the affected application with its default configuration exposes this information.

💻 Affected Systems

Products:
  • SICK industrial automation products and software
Versions: Specific versions not detailed in references; consult vendor advisory for exact affected versions
Operating Systems: Various (embedded systems, industrial controllers)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects industrial control systems and automation equipment; vulnerability exists in default configurations

📦 What is this software?

SICK AG is a German manufacturer of sensors and sensor-based solutions for factory, logistics and process automation; the affected application is software shipped with those products (the vendor advisory identifies which ones).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers use the disclosed component inventory to pick a component with a known, exploitable vulnerability and attack that second flaw; a successful chain could end in full system compromise, data theft, or ransomware deployment. The disclosure itself changes nothing on the device; it only shortens the attacker's reconnaissance.

🟠 Likely Case

Attackers map the attack surface from the disclosed component list, then launch targeted attacks against known vulnerabilities in outdated libraries or frameworks rather than scanning the whole interface.

🟢 If Mitigated

With network segmentation and access controls in place, attackers cannot reach the disclosing endpoint, which removes the reconnaissance shortcut. This does not fix the underlying components; the vendor update is still needed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is a plain HTTP request to the disclosing endpoint; no credentials, user interaction, or special tooling is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Consult vendor advisory for specific patched versions

Vendor Advisory: https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json

Restart Required: Yes

Instructions:

1. Review vendor advisory SCA-2026-0002 (the CSAF document linked above lists the affected products and, where available, the fixed versions).
2. Identify the affected products and versions in your asset inventory.
3. Apply the vendor-provided patches or firmware updates.
4. Restart the affected systems.
5. Verify the update took effect: the version reported by the device matches the fixed version, and the endpoint no longer answers unauthenticated requests with component data (see How to Verify).
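Steps 1 and 2 mean reading a CSAF 2.0 document, which is what the advisory URL above serves. The following is an added example (not part of this page and not SICK's tooling) that parses that format: it resolves the product IDs under `vulnerabilities[].product_status` and `remediations` back to the names in `product_tree`. The `SAMPLE_CSAF` dict is a constructed stand-in with placeholder product names and IDs, not the contents of SCA-2026-0002; pass a downloaded advisory as a file argument to run it against the real thing.

```python
"""Pull affected and fixed products for one CVE out of a CSAF 2.0 advisory.

Added example, not part of this page or of SICK's tooling. The vendor
advisory above is a CSAF 2.0 JSON document, so the same product_tree /
vulnerabilities layout applies to it; SAMPLE_CSAF is a constructed
stand-in with placeholder product names and IDs, not the contents of
SCA-2026-0002. Run with a file path to parse a downloaded advisory
(e.g. after `curl -o sca.json <advisory URL>`).
"""
import json
import sys
from typing import Dict, Iterator, List, Tuple

SAMPLE_CSAF = {  # constructed sample, placeholder products only
    "document": {"category": "csaf_security_advisory",
                 "title": "Constructed sample advisory (not SCA-2026-0002)",
                 "tracking": {"id": "SAMPLE-0001"}},
    "product_tree": {"branches": [
        {"category": "vendor", "name": "ExampleVendor", "branches": [
            {"category": "product_name", "name": "Example Controller", "branches": [
                {"category": "product_version", "name": "1.0.0",
                 "product": {"product_id": "CSAFPID-0001", "name": "Example Controller 1.0.0"}},
                {"category": "product_version", "name": "1.1.0",
                 "product": {"product_id": "CSAFPID-0002", "name": "Example Controller 1.1.0"}}]},
            {"category": "product_name", "name": "Example Gateway", "branches": [
                {"category": "product_version_range", "name": "<2.3",
                 "product": {"product_id": "CSAFPID-0003", "name": "Example Gateway <2.3"}},
                {"category": "product_version", "name": "2.3",
                 "product": {"product_id": "CSAFPID-0004", "name": "Example Gateway 2.3"}}]}]}]},
    "vulnerabilities": [{
        "cve": "CVE-2026-22645",
        "product_status": {"known_affected": ["CSAFPID-0001", "CSAFPID-0003"],
                           "fixed": ["CSAFPID-0002", "CSAFPID-0004"]},
        "remediations": [
            {"category": "vendor_fix", "details": "Update to the fixed version.",
             "product_ids": ["CSAFPID-0001", "CSAFPID-0003"]},
            {"category": "mitigation", "details": "Restrict network access to the device.",
             "product_ids": ["CSAFPID-0001", "CSAFPID-0003"]}]}],
}


def _walk(branches: list) -> Iterator[Tuple[str, str]]:
    """Yield (product_id, full name) for every leaf in a CSAF branch tree."""
    for branch in branches:
        product = branch.get("product")
        if product:
            yield product["product_id"], product.get("name", branch.get("name", ""))
        yield from _walk(branch.get("branches", []))


def product_names(doc: dict) -> Dict[str, str]:
    """Map product_id -> human-readable name from branches and full_product_names."""
    tree = doc.get("product_tree", {})
    names = dict(_walk(tree.get("branches", [])))
    for entry in tree.get("full_product_names", []):
        names[entry["product_id"]] = entry["name"]
    return names


def status_for_cve(doc: dict, cve: str) -> dict:
    """Return affected/fixed product names and remediations for one CVE.

    Raises KeyError if the advisory does not cover the CVE, so a caller
    scanning many advisories cannot mistake 'not mentioned' for 'not affected'.
    """
    names = product_names(doc)

    def resolve(ids: List[str]) -> List[str]:
        return sorted(names.get(pid, pid) for pid in ids)

    for vuln in doc.get("vulnerabilities", []):
        if vuln.get("cve") != cve:
            continue
        status = vuln.get("product_status", {})
        return {
            "known_affected": resolve(status.get("known_affected", [])),
            "fixed": resolve(status.get("fixed", [])),
            "known_not_affected": resolve(status.get("known_not_affected", [])),
            "remediations": [
                {"category": r.get("category"), "details": r.get("details", ""),
                 "products": resolve(r.get("product_ids", []))}
                for r in vuln.get("remediations", [])],
        }
    tracking = doc.get("document", {}).get("tracking", {}).get("id")
    raise KeyError(f"{cve} not covered by advisory {tracking}")


def report(doc: dict, cve: str) -> str:
    """Render the status as plain text, one line per product or remediation."""
    s = status_for_cve(doc, cve)
    lines = [f"{cve} in {doc['document'].get('title', '?')}"]
    for key in ("known_affected", "fixed", "known_not_affected"):
        for name in s[key]:
            lines.append(f"  {key:<20} {name}")
    for r in s["remediations"]:
        lines.append(f"  remediation/{r['category']}: {r['details']} -> {', '.join(r['products'])}")
    return "\n".join(lines)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            advisory = json.load(fh)
    else:
        advisory = SAMPLE_CSAF
    print(report(advisory, sys.argv[2] if len(sys.argv) > 2 else "CVE-2026-22645"))
```

Real advisories often express affected ranges through `product_version_range` branches or `relationships` entries; the walker above resolves the former and keeps unknown IDs verbatim rather than dropping them, so nothing in `known_affected` silently disappears.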

🔧 Temporary Workarounds

Network Access Restriction (applies to: all affected products)

Restrict network access to affected systems using firewalls or network segmentation, so that only trusted engineering and maintenance hosts can reach the HTTP interface.

Authentication Enforcement (applies to: all affected products)

Require authentication for the information disclosure endpoints where the product exposes a setting for it; otherwise put the service behind a reverse proxy or firewall rule that denies the path to unauthenticated clients.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate affected systems from untrusted networks (the most realistic control on an OT network, where a WAF is often not an option)
  • Where an HTTP proxy or WAF does sit in front of the system, block requests to the information disclosure endpoints and log the attempts

🔍 How to Verify

Check if Vulnerable:

Send unauthenticated HTTP requests (no session cookie, no Authorization header) to the endpoints that may disclose component information and check whether version/license details come back; compare with the response to an authenticated request to confirm it is the same inventory and not a generic banner.

Check Version:

Consult vendor documentation for version checking commands specific to each product

Verify Fix Applied:

After patching, repeat the unauthenticated request and confirm the response is a 401/403 or otherwise contains no component, version, or license data.
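The vulnerable and fixed checks above are the same request with a different verdict, so one script serves both. This is an added example, not code from this page or from SICK: it requests each path with no credentials and applies a heuristic to decide whether the body is a component inventory. The page does not name the disclosing endpoint, so `CANDIDATE_PATHS` is an assumed list to be replaced with the endpoint from the vendor advisory; the sample bodies are constructed, not captured from a device.

```python
"""Probe an HTTP interface for an unauthenticated component/license inventory.

Added example, not from this page or from SICK. CANDIDATE_PATHS is an
assumed list of places such inventories commonly live; replace it with
the endpoint named in the vendor advisory. The CONSTRUCTED_* bodies are
made up for testing the classifier, not captured from any device.
"""
import json
import re
import ssl
import sys
import urllib.error
import urllib.request
from typing import List, Sequence, Tuple

# Assumed candidate paths; not taken from the advisory.
CANDIDATE_PATHS: Sequence[str] = (
    "/licenses", "/license", "/about", "/version", "/api/version",
    "/third-party-licenses", "/opensource", "/sbom",
)
# SPDX identifiers that typically appear in a third-party notice list.
SPDX_IDS = ("MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "GPL-2.0",
            "GPL-3.0", "LGPL-2.1", "LGPL-3.0", "MPL-2.0", "ISC", "Zlib")
VERSION_RE = re.compile(r"\b\d+\.\d+(?:\.\d+)?\b")

# Constructed sample bodies (not real device output).
CONSTRUCTED_JSON_BODY = json.dumps({"product": "Example", "components": [
    {"name": "libfoo", "version": "1.2.3", "license": "MIT"},
    {"name": "libbar", "version": "4.5.6", "license": "Apache-2.0"},
    {"name": "zlib", "version": "1.3.1", "license": "Zlib"}]})
CONSTRUCTED_HTML_BODY = ("<html><h1>Third-party notices</h1><ul>"
                         "<li>libfoo 1.2.3 (MIT)</li><li>libbar 4.5.6 (Apache-2.0)</li>"
                         "<li>zlib 1.3.1 (Zlib)</li></ul></html>")
CONSTRUCTED_LOGIN_BODY = ('<html><form action="/login" method="post">'
                          'Password: <input type="password"></form></html>')


def _json_components(obj) -> int:
    """Count JSON objects that look like a component record (name + version/license)."""
    if isinstance(obj, dict):
        hit = int("name" in obj and ("version" in obj or "license" in obj))
        return hit + sum(_json_components(v) for v in obj.values())
    if isinstance(obj, list):
        return sum(_json_components(v) for v in obj)
    return 0


def looks_like_inventory(body: str, min_components: int = 3) -> bool:
    """Heuristic: does this response body enumerate software components?

    JSON bodies are walked for component-shaped records; anything else is
    scored on SPDX license identifiers plus version-number density. A
    login form or a bare firmware banner stays below the threshold.
    """
    try:
        return _json_components(json.loads(body)) >= min_components
    except ValueError:
        pass
    licenses = sum(body.count(lic) for lic in SPDX_IDS)
    versions = len(VERSION_RE.findall(body))
    return licenses >= 1 and versions >= min_components


def probe(base_url: str, paths: Sequence[str] = CANDIDATE_PATHS,
          timeout: float = 5.0, verify_tls: bool = True) -> List[Tuple[str, int, bool]]:
    """Request each path with no cookies or Authorization header and flag inventories.

    Returns (path, status, disclosed). Unreachable paths are skipped; an
    HTTP error status is kept so a 401/403 after patching is visible.
    """
    ctx = ssl.create_default_context()
    if not verify_tls:  # many embedded devices ship self-signed certificates
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    results = []
    for path in paths:
        req = urllib.request.Request(base_url.rstrip("/") + path,
                                     headers={"User-Agent": "inventory-check/1.0"})
        try:
            with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
                status = resp.status
                body = resp.read(512 * 1024).decode("utf-8", "replace")
        except urllib.error.HTTPError as err:
            status, body = err.code, ""
        except (urllib.error.URLError, OSError):
            continue
        results.append((path, status, status == 200 and looks_like_inventory(body)))
    return results


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py https://device [--insecure]")
    for path, status, leak in probe(sys.argv[1], verify_tls="--insecure" not in sys.argv):
        print(f"{status} {'DISCLOSED' if leak else 'ok':<9} {path}")
```

The heuristic is intentionally loose (a license identifier plus three version strings), so treat a `DISCLOSED` line as something to read by hand, not as proof; conversely, a body that names components without SPDX identifiers will be missed, which is why the authenticated-versus-unauthenticated comparison in the step above still matters.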

📡 Detection & Monitoring

Log Indicators:

  • Successful (200) unauthenticated requests to component information endpoints, especially from addresses outside the engineering network
  • Bursts of requests to many distinct paths from one source, consistent with endpoint enumeration

Network Indicators:

  • HTTP requests to paths containing version, license, or component information
  • Reconnaissance traffic patterns (path enumeration, vulnerability-scanner user agents)

SIEM Query:

source_ip=external AND http_status=200 AND auth_user IS NULL AND (http_path CONTAINS 'version' OR http_path CONTAINS 'license' OR http_path CONTAINS 'component')

The disclosing endpoint requires no authentication, so a query keyed on auth_status='failed' would miss the actual disclosure; match on successful responses with no authenticated user instead. A second query on http_status IN (401, 403) for the same paths shows blocked attempts once a mitigation is in place.
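The SIEM query above, run as code over access-log lines, as an added example that is not from this page or from SICK. It parses Common Log Format, keeps only successful unauthenticated reads of inventory-looking paths from non-internal addresses, and escalates a source that touched several such paths to a scan alert; blocked (401/403) attempts are reported separately. The log lines are constructed, and `INVENTORY_HINTS` is an assumed keyword list because the page does not name the endpoint.

```python
"""Flag unauthenticated component-inventory reads in HTTP access logs.

Added example, not from this page or from SICK. An alert needs a 200
response, no authenticated user, a source outside INTERNAL_NETS, and a
path matching INVENTORY_HINTS (an assumed keyword list). CONSTRUCTED_LOG
is made-up Common Log Format data.
"""
import ipaddress
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Optional

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')
INVENTORY_HINTS = ("version", "license", "licence", "component",
                   "third-party", "opensource", "sbom")  # assumed
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

CONSTRUCTED_LOG = """\
203.0.113.10 - - [10/Jan/2026:12:00:01 +0000] "GET /licenses HTTP/1.1" 200 5123 "-" "curl/8.0"
203.0.113.10 - - [10/Jan/2026:12:00:02 +0000] "GET /api/version HTTP/1.1" 200 188 "-" "curl/8.0"
203.0.113.10 - - [10/Jan/2026:12:00:03 +0000] "GET /components HTTP/1.1" 200 9910 "-" "curl/8.0"
203.0.113.10 - - [10/Jan/2026:12:00:04 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "curl/8.0"
10.0.0.5 - operator [10/Jan/2026:12:05:00 +0000] "GET /licenses HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2026:12:07:30 +0000] "GET /licenses HTTP/1.1" 401 0 "-" "python-requests/2.31"
""".splitlines()


def is_internal(ip: str) -> bool:
    """True for RFC 1918 sources; anything unparsable counts as external."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def parse(line: str) -> Optional[Dict[str, str]]:
    """Split one Common Log Format line into fields, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_inventory_path(path: str) -> bool:
    p = path.lower()
    return any(hint in p for hint in INVENTORY_HINTS)


def classify(rec: Dict[str, str]) -> Optional[str]:
    """Label one parsed request: unauthenticated disclosure, blocked attempt, or nothing."""
    if not is_inventory_path(rec["path"]) or is_internal(rec["ip"]):
        return None
    unauthenticated = rec["user"] == "-"
    if rec["status"] == "200" and unauthenticated:
        return "unauthenticated_disclosure"
    if rec["status"] in ("401", "403"):
        return "blocked_attempt"
    return None


def alerts(lines: Iterable[str], scan_threshold: int = 3) -> List[dict]:
    """Aggregate per source IP; several distinct disclosing paths means a scan."""
    hits = defaultdict(lambda: {"paths": set(), "blocked": 0})
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        kind = classify(rec)
        if kind == "unauthenticated_disclosure":
            hits[rec["ip"]]["paths"].add(rec["path"])
        elif kind == "blocked_attempt":
            hits[rec["ip"]]["blocked"] += 1
    out = []
    for ip, h in sorted(hits.items()):
        if h["paths"]:
            reason = "inventory_scan" if len(h["paths"]) >= scan_threshold else "inventory_disclosure"
        else:
            reason = "blocked_attempts"
        out.append({"ip": ip, "reason": reason, "paths": sorted(h["paths"]), "blocked": h["blocked"]})
    return out


if __name__ == "__main__":
    for a in alerts(CONSTRUCTED_LOG):
        print(f"{a['ip']:<15} {a['reason']:<22} paths={a['paths']} blocked={a['blocked']}")
```

Internal, authenticated reads (the `operator` line) are dropped on purpose, since they are what normal maintenance looks like; if the device's own log format lacks the remote-user field, the `auth_user` condition has to come from a proxy or the device's audit log instead.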

🔗 References

  • SICK advisory SCA-2026-0002 (CSAF): https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json