Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/16 1:17 p.m.7 views

CVE-2025-0867

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...

9.9CVSS7.5AI score0.00603EPSS
Exploits0References1
Circl
Circl
added 2025/02/14 12:49 p.m.7 views

CVE-2025-0867

creationtimestamp| type| source ---|---|--- 2025-02-14 12:49:42+00:00| seen| https://infosec.exchange/users/cve/statuses/114002321891252776 2025-02-14 12:53:40+00:00| seen| https://infosec.exchange/users/cve/statuses/114002337449684066 2025-02-14 13:16:08+00:00| seen|...

9.9CVSS4.8AI score0.00603EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/02/14 12:37 p.m.11 views

CVE-2025-0867 Privilege Escalation in MEAC300

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This...

9.9CVSS0.00603EPSS
Exploits0References6
CVE
CVE
added 2025/02/14 12:37 p.m.62 views

CVE-2025-0867

CVE-2025-0867 affects SICK MEAC300 (and variants such as MEAC300-FNADE4). Root cause: a standard user can start MEAC applications via the Run As function while administrator credentials are stored, enabling EPC2 to execute commands with administrative privileges and perform privilege escalation. ...

9.9CVSS7.6AI score0.00603EPSS
Exploits0References6
Rows per page
Query Builder