Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SICK MEAC300

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-0867
Assigner-SICK AG
ShareView Details
Assigner-SICK AG
CVSS Score-9.9||CRITICAL
EPSS-0.19% / 41.16%
||
7 Day CHG~0.00%
Published-14 Feb, 2025 | 12:37
Updated-21 Feb, 2025 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation in MEAC300

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level.

Action-Not Available
Vendor-SICK AG
Product-SICK MEAC300
CWE ID-CWE-522
Insufficiently Protected Credentials