CVE-2025-41690 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions

🗓️ 02 Sep 2025 08:12:13Reported by CERTVDEType

CVE-2025-41690: Proline 10 maintenance credentials exposed via event log, enabling a bluetooth-range attacker impersonation.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-41690	2 Sep 202508:12	–	circl
CNNVD	Endress+hauser Ecograph 日志信息泄露漏洞	2 Sep 202500:00	–	cnnvd
CVE	CVE-2025-41690	2 Sep 202508:12	–	cve
EUVD	EUVD-2025-26393	3 Oct 202520:07	–	euvd
NVD	CVE-2025-41690	2 Sep 202508:15	–	nvd
Positive Technologies	PT-2025-35545	2 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-41690	4 Sep 202508:14	–	redhatcve
Vulnrichment	CVE-2025-41690 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions	2 Sep 202508:12	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Promag 10 with HART",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.06",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Promag 10 with IO-Link",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.02",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Promag 10 with Modbus",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.06",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Promass 10 with HART",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.06",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Promass 10 with IO-Link",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.02",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Promass 10 with Modbus",
    "vendor": "Endress+Hauser",
    "versions": [
      {
        "lessThan": "01.00.06",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
certvde	www.certvde.com/en/advisories/VDE-2025-068

02 Sep 2025 08:12Current

CVSS 3.17.4

EPSS0.0023

CWE-532