
ID

VDE-2025-068

Published

2025-09-02 10:00 (CEST)

Last update

2025-09-01 09:58 (CEST)

Vendor(s)

Endress+Hauser AG

Product(s)

Article No.   Product Name               Affected Version(s)
              Promag 10 with HART        < 01.00.06
              Promag 10 with IO-Link     < 01.00.02
              Promag 10 with Modbus      < 01.00.06
              Promass 10 with HART       < 01.00.06
              Promass 10 with IO-Link    < 01.00.02
              Promass 10 with Modbus     < 01.00.06

Summary

A privilege escalation vulnerability has been identified in Endress+Hauser's Proline 10 devices. This flaw allows an authenticated user with Operator-level access to elevate their privileges and gain Maintenance-level access, potentially enabling unauthorized configuration changes.

Endress+Hauser has released a security update addressing this issue.


CVE ID

CVE-2025-41690

Last Update:

Sept. 2, 2025, 8:51 a.m.

Weakness

Insertion of Sensitive Information into Log File (CWE-532)

Summary

A low-privileged attacker within Bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters.

Details

certvde.com 

Impact

Successful exploitation of this vulnerability may allow an attacker to perform vertical privilege escalation, gaining unauthorized access to Maintenance-level functions. As a result, the attacker could:
• Modify all Maintenance parameters
• Change device settings
• Initiate a device reset, potentially causing operational downtime
• Restore the device to its factory default settings
• Reconfigure non-critical diagnostic parameters
• Disable Bluetooth communication
• Alter the 4–20 mA analog output range

Solution

Mitigation

If an immediate firmware update is not feasible, it is recommended to disable the device's Bluetooth communication when not actively in use. This significantly reduces the risk of unauthorized access by eliminating the key vector through which the vulnerability could be exploited.

Remediation

Endress+Hauser has released updated firmware versions for the affected devices that resolve this vulnerability. Customers are encouraged to update their devices to the latest firmware version as soon as possible. For assistance with the update process, please contact your local Endress+Hauser service center.
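
The following script is an added example, not part of the advisory or of Endress+Hauser's tooling: it checks an asset inventory against the affected-version table above to find devices that still need the firmware update. The CSV layout (tag, product, protocol, firmware) and the sample rows are assumptions constructed for illustration.

```python
import re

# Thresholds from the Product(s) table: firmware below the listed version is affected.
FIXED_IN = {
    ("promag 10", "hart"): (1, 0, 6),
    ("promag 10", "io-link"): (1, 0, 2),
    ("promag 10", "modbus"): (1, 0, 6),
    ("promass 10", "hart"): (1, 0, 6),
    ("promass 10", "io-link"): (1, 0, 2),
    ("promass 10", "modbus"): (1, 0, 6),
}

def parse_version(text):
    """Turn '01.00.06' into (1, 0, 6); return None unless it is three dotted numbers."""
    text = text.strip()
    if not re.fullmatch(r"\d+\.\d+\.\d+", text):
        return None
    return tuple(int(part) for part in text.split("."))

def classify(product, protocol, firmware):
    """Return 'affected', 'fixed', 'not-listed' or 'unknown-version'."""
    key = (" ".join(product.lower().split()), protocol.strip().lower())
    fixed = FIXED_IN.get(key)
    if fixed is None:
        return "not-listed"
    version = parse_version(firmware)
    if version is None:
        return "unknown-version"  # needs manual review; never assume fixed
    # Numeric tuple comparison, so 01.00.10 sorts above 01.00.06.
    return "affected" if version < fixed else "fixed"

def audit(inventory_csv):
    """Classify each 'tag,product,protocol,firmware' line of an inventory export."""
    results = {}
    for line in inventory_csv.strip().splitlines():
        fields = [field.strip() for field in line.split(",")]
        if len(fields) != 4:
            continue  # skip blank or malformed rows
        tag, product, protocol, firmware = fields
        results[tag] = classify(product, protocol, firmware)
    return results

# Constructed sample inventory: tags, versions and the last product are made up.
SAMPLE = """
FT-101,Promag 10,HART,01.00.05
FT-102,Promag 10,IO-Link,01.00.02
FT-103,Promass 10,Modbus,01.00.10
FT-104,Promass 10,IO-Link,1.0.1
FT-105,Promass 10,HART,unknown
FT-106,Example Meter X,HART,01.00.01
"""

if __name__ == "__main__":
    for tag, status in audit(SAMPLE).items():
        print(f"{tag}: {status}")
```

Devices reported as `affected` or `unknown-version` are the ones to prioritise for the update or, until then, for the Bluetooth mitigation described above.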

Reported by

CERT@VDE coordinated with Endress+Hauser