Browse all 4 CVE security advisories affecting Sergestec. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sergestec develops industrial control systems and automation software for manufacturing and utility sectors. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. The company has addressed multiple critical flaws in their web interfaces and communication protocols, with four CVEs documented to date. While no major public security incidents have been reported, their history of vulnerabilities highlights ongoing challenges in securing industrial environments against evolving cyber threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41021 | Stored Cross-Site Scripting (XSS) vulnerability in Sergestec's Exito — SISTICK (CWE-79) | 5.4 (AI) | Medium (AI) | 2025-10-16 |
| CVE-2025-41020 | Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito — Exito (CWE-639) | 6.5 (AI) | Medium (AI) | 2025-10-16 |
| CVE-2025-41019 | SQL injection vulnerability in Sergestec's Exito — SISTICK (CWE-89) | 9.8 (AI) | Critical (AI) | 2025-10-16 |
| CVE-2025-41018 | SQL injection vulnerability in Sergestec's Exito — Exito (CWE-89) | 9.8 (AI) | Critical (AI) | 2025-10-16 |
This page lists every published CVE security advisory associated with Sergestec. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.