48 matches found
PT-2025-27778 · Unknown · Meac300-Fnade4
Name of the Vulnerable Software and Affected Versions: MEAC300-FNADE4 affected versions not specified Description: The issue concerns the lack of sufficient measures to prevent multiple failed authentication attempts within a short time frame, making the system susceptible to brute-force attacks...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from a missing Secure attribute, which can be exploited by an attacker to cause session hijacking...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which stems from the fact that all communications are not encrypted, and can be exploited by an attacker to...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from an information disclosure vulnerability that originates from local PostgreSQL database credentials stored in plaintext. An attacker...
PT-2025-27774
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves multiple services of the affected system, as well as different scopes of the same service, reusing the same credentials. Recommendations: At the moment, there is no...
PT-2025-27779 · Unknown · Meac300-Fnade4
Name of the Vulnerable Software and Affected Versions: MEAC300-FNADE4 affected versions not specified Description: The issue concerns the absence of the Secure attribute on multiple cookies provided by the MEAC300-FNADE4. This allows an attacker to trick a user into establishing an unencrypted HT...
CVE-2025-0867 Privilege Escalation in MEAC300
The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...
CVE-2025-0867 Privilege Escalation in MEAC300
The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...