Lucene search
K

48 matches found

Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.4 views

PT-2025-27778 · Unknown · Meac300-Fnade4

Name of the Vulnerable Software and Affected Versions: MEAC300-FNADE4 affected versions not specified Description: The issue concerns the lack of sufficient measures to prevent multiple failed authentication attempts within a short time frame, making the system susceptible to brute-force attacks...

7.5CVSS6.3AI score0.00508EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.4 views

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from a missing Secure attribute, which can be exploited by an attacker to cause session hijacking...

6.5CVSS6.6AI score0.00247EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which stems from the fact that all communications are not encrypted, and can be exploited by an attacker to...

7.5CVSS6.6AI score0.00237EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.10 views

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from an information disclosure vulnerability that originates from local PostgreSQL database credentials stored in plaintext. An attacker...

6.5CVSS5.7AI score0.00337EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.10 views

PT-2025-27774

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves multiple services of the affected system, as well as different scopes of the same service, reusing the same credentials. Recommendations: At the moment, there is no...

7.5CVSS5.8AI score0.00316EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.3 views

PT-2025-27779 · Unknown · Meac300-Fnade4

Name of the Vulnerable Software and Affected Versions: MEAC300-FNADE4 affected versions not specified Description: The issue concerns the absence of the Secure attribute on multiple cookies provided by the MEAC300-FNADE4. This allows an attacker to trick a user into establishing an unencrypted HT...

6.5CVSS5.9AI score0.00247EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/02/14 12:37 p.m.5 views

CVE-2025-0867 Privilege Escalation in MEAC300

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...

9.9CVSS9.9AI score0.00603EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/02/14 12:37 p.m.11 views

CVE-2025-0867 Privilege Escalation in MEAC300

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...

9.9CVSS0.00603EPSS
Exploits0References6
Rows per page
Query Builder