Advisories

Für CVSS 2.0, 3.0 und 3.2
VDE-2026-032
April 21, 2026, 9:00 vorm.

Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW

The display unit of the Endress+Hauser MCS200HW is affected by a sudo chroot vulnerability.
CVE-2025-32463
VDE-2026-003
April 1, 2026, 1:00 nachm.

Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
CVE-2022-47390
CVE-2022-47389
CVE-2022-47388
CVE-2022-47387
CVE-2022-47386
CVE-2022-47385
CVE-2022-47384
CVE-2022-47383
CVE-2022-47382
CVE-2022-47381
CVE-2022-47380
CVE-2022-47379
CVE-2022-47391
CVE-2022-47393
CVE-2022-47392
CVE-2022-47378
VDE-2026-002
März 2, 2026, 8:00 vorm.

Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation

A vulnerability has been identified in WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser.
CVE-2023-4911
VDE-2025-105
Dez. 8, 2025, 10:00 vorm.

Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability

A vulnerability in Wibu-Systems CodeMeter (up to version 7.60b) affects multiple Endress+Hauser products. This flaw can lead to a heap buffer overflow, which may allow remote code execution under certain …
CVE-2023-3935
VDE-2025-107
Dez. 5, 2025, 12:00 nachm.

Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities

Multiple vulnerabilities in a Qualcomm component have been reported in a closed-source report. This component is an integral part of the radio chip found in several Endress+Hauser products.
CVE-2022-33259
CVE-2022-33211
CVE-2022-25740
CVE-2022-25729
CVE-2022-25678
CVE-2020-3686
CVE-2020-11170
CVE-2019-2320
CVE-2019-2303
CVE-2019-14062
CVE-2019-10612
CVE-2019-10609
CVE-2019-10586
CVE-2019-10516
CVE-2019-10511
CVE-2019-10500
CVE-2019-10487
CVE-2020-3670
CVE-2020-3634
CVE-2020-11190
CVE-2020-11189
CVE-2020-11188
CVE-2020-11171
CVE-2020-11166
CVE-2020-11144
CVE-2019-14033
CVE-2019-14020
CVE-2019-14019
CVE-2019-14011
CVE-2019-10577
CVE-2019-10554
CVE-2019-10553
CVE-2019-10552
CVE-2020-11269
CVE-2020-11177
CVE-2022-25698
CVE-2022-25697
CVE-2022-25695
CVE-2023-21625
CVE-2022-33235
CVE-2022-33229
CVE-2022-33228
CVE-2022-33222
CVE-2022-25747
CVE-2022-25738
CVE-2022-25732
CVE-2022-25730
CVE-2022-25728
CVE-2022-25726
CVE-2020-11251
CVE-2020-11191
CVE-2020-3624
CVE-2020-3622
CVE-2020-11204
CVE-2020-11178
CVE-2019-14094
CVE-2019-14077
CVE-2019-14076
CVE-2019-14074
CVE-2019-14071
CVE-2019-14066
CVE-2019-14065
CVE-2019-14056
CVE-2019-14050
CVE-2019-14030
CVE-2019-14015
CVE-2019-14000
CVE-2019-13999
CVE-2019-13998
CVE-2019-13995
CVE-2019-13994
CVE-2019-10628
CVE-2019-10615
CVE-2019-10527
CVE-2022-33304
CVE-2022-33238
CVE-2022-33223
CVE-2022-33213
CVE-2022-25739
CVE-2022-25737
CVE-2022-25735
CVE-2022-25734
CVE-2022-25733
CVE-2022-25731
CVE-2022-25702
CVE-2021-30273
CVE-2020-11226
CVE-2020-11145
CVE-2019-2337
CVE-2019-2335
CVE-2019-14022
CVE-2019-10485
CVE-2019-14101
CVE-2019-14043
CVE-2019-14042
CVE-2019-10574
CVE-2019-14119
CVE-2019-10482
CVE-2020-3644
CVE-2020-3643
CVE-2020-3621
CVE-2020-3620
CVE-2019-2295
CVE-2019-14115
CVE-2019-14067
CVE-2019-14007
CVE-2019-10513
CVE-2020-11293
VDE-2025-068
Feb. 20, 2026, 10:00 vorm.

Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions

A privilege escalation vulnerability has been identified in Endress+Hauser's Proline 10 devices. This flaw allows an authenticated user with Operator-level access to elevate their privileges and gain Maintenance-level access, potentially …
CVE-2025-41690
VDE-2025-036
März 6, 2025, 3:00 nachm.

Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4

Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered, that can be accessed via Ethernet.
CVE-2025-1708
CVE-2025-27461
CVE-2025-27460
CVE-2025-1710
CVE-2025-27456
CVE-2025-27449
CVE-2025-27447
CVE-2025-27448
CVE-2025-1709
CVE-2025-27458
CVE-2025-27457
CVE-2025-27450
CVE-2025-27453
CVE-2025-27452
CVE-2025-27451
CVE-2025-27459
CVE-2025-1711
CVE-2025-27455
CVE-2025-27454
VDE-2024-054
Mai 22, 2025, 3:03 nachm.

Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities

Several vulnerabilities have been identified in the web-based management of WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the …
CVE-2022-45140
CVE-2022-45138
CVE-2023-1698
CVE-2022-45137
CVE-2022-45139