{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0867", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "state": "PUBLISHED", "assignerShortName": "SICK AG", "dateReserved": "2025-01-30T08:11:55.266Z", "datePublished": "2025-02-14T12:37:09.250Z", "dateUpdated": "2025-02-21T14:16:05.951Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SICK MEAC300", "vendor": "SICK AG", "versions": [{"lessThan": "4.0.54.21", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level.&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</div></div>"}], "value": "The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2025-02-21T14:16:05.951Z"}, "references": [{"tags": ["x_SICK PSIRT Website"], "url": "https://sick.com/psirt"}, {"tags": ["x_SICK Operating Guidelines"], "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"}, {"tags": ["x_ICS-CERT recommended practices on Industrial Security"], "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"}, {"tags": ["x_CVSS v3.1 Calculator"], "url": "https://www.first.org/cvss/calculator/3.1"}, {"tags": ["vendor-advisory"], "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.pdf"}, {"tags": ["vendor-advisory", "x_csaf"], "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.json"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Users are strongly recommended to upgrade to the latest release of the MEAC300 (&gt;=4.0.54.21) that includes a patch for the vulnerability.\n\n<br>"}], "value": "Users are strongly recommended to upgrade to the latest release of the MEAC300 (>=4.0.54.21) that includes a patch for the vulnerability."}], "source": {"advisory": "sca-2025-0001", "discovery": "INTERNAL"}, "title": "Privilege Escalation in MEAC300", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-14T16:23:00.326523Z", "id": "CVE-2025-0867", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-14T16:23:21.027Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-14T16:23:00.326523Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-14T16:23:14.560Z"}}], "cna": {"title": "Privilege Escalation in MEAC300", "source": {"advisory": "sca-2025-0001", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SICK AG", "product": "SICK MEAC300", "versions": [{"status": "affected", "version": "0", "lessThan": "4.0.54.21", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Users are strongly recommended to upgrade to the latest release of the MEAC300 (>=4.0.54.21) that includes a patch for the vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Users are strongly recommended to upgrade to the latest release of the MEAC300 (&gt;=4.0.54.21) that includes a patch for the vulnerability.\n\n<br>", "base64": false}]}], "references": [{"url": "https://sick.com/psirt", "tags": ["x_SICK PSIRT Website"]}, {"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", "tags": ["x_SICK Operating Guidelines"]}, {"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "tags": ["x_ICS-CERT recommended practices on Industrial Security"]}, {"url": "https://www.first.org/cvss/calculator/3.1", "tags": ["x_CVSS v3.1 Calculator"]}, {"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.pdf", "tags": ["vendor-advisory"]}, {"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.json", "tags": ["vendor-advisory", "x_csaf"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level.", "supportingMedia": [{"type": "text/html", "value": "<div><div>The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level.&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</div></div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2025-02-21T14:16:05.951Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0867", "state": "PUBLISHED", "dateUpdated": "2025-02-21T14:16:05.951Z", "dateReserved": "2025-01-30T08:11:55.266Z", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "datePublished": "2025-02-14T12:37:09.250Z", "assignerShortName": "SICK AG"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level."}], "id": "CVE-2025-0867", "lastModified": "2025-02-14T13:15:42.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "psirt@sick.de", "type": "Secondary"}]}, "published": "2025-02-14T13:15:42.620", "references": [{"source": "psirt@sick.de", "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"}, {"source": "psirt@sick.de", "url": "https://sick.com/psirt"}, {"source": "psirt@sick.de", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"}, {"source": "psirt@sick.de", "url": "https://www.first.org/cvss/calculator/3.1"}, {"source": "psirt@sick.de", "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.json"}, {"source": "psirt@sick.de", "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.pdf"}], "sourceIdentifier": "psirt@sick.de", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "psirt@sick.de", "type": "Secondary"}]}

{}