CVE-2025-0593
Published: 14 February 2025
Summary
CVE-2025-0593 is a high-severity Command Injection (CWE-77) vulnerability in Sick (inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 33.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-0593 is a command injection vulnerability (CWE-77) that allows a remote low-privileged attacker to execute arbitrary shell commands on affected devices by exploiting lower-level functions designed for device interaction. Published on 2025-02-14 with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), it impacts certain SICK products, as detailed in the vendor's advisories.
A remote attacker possessing low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables full control over the device, resulting in high-impact confidentiality, integrity, and availability violations, such as unauthorized data access, modification, or disruption.
SICK's PSIRT advisories, including the special cybersecurity information document (IM0084411.PDF) and CSAF provider document (sca-2025-0002.json), provide details on affected products and recommended mitigations. Additional resources from CISA on ICS practices and the FIRST CVSS calculator offer further context for assessment and remediation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-1788
Vulnerability details
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Command injection (CWE-77) directly enables arbitrary shell command execution (T1059) via remote exploitation of a network-accessible device function (T1190).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates command injection by requiring validation of all inputs to lower-level device interaction functions, preventing arbitrary shell command execution.
Remediates the specific command injection flaw in affected SICK products through timely patching as detailed in vendor advisories IM0084411 and sca-2025-0002.
Enforces least privilege to limit the impact of injected shell commands executed by low-privileged remote attackers.