Advisories | CERT@VDE

2025-09-02 10:00 VDE-2025-068

Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions

A privilege escalation vulnerability has been identified in Endress+Hauser's Proline 10 devices. This flaw allows an authenticated user with Operator-level access to elevate their privileges and gain Maintenance-level access, potentially enabling unauthorized configuration changes.

Endress+Hauser has released a security update addressing this issue.

CVE-2025-41690: 7.4

Feeds

RSS / Atom

By Vendor

ADS-TEC Industrial IT (3)

Auma (6)

Beckhoff (14)

Bender (2)

CODESYS (21)

Draeger (1)

Endress+Hauser (14)

Festo (12)

Festo Didactic (7)

Frauscher (4)

Carlo Gavazzi Controls (1)

Helmholz (16)

HIMA (2)

ifm (4)

Innominate (2)

Lenze (5)

MB connect line (16)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (33)

PHOENIX CONTACT (97)

Pilz (16)

Red Lion Europe (4)

SMA (7)

SWARCO (1)

TECSON/GOK (1)

TRUMPF SE (5)

TRUMPF Laser (8)

TRUMPF Werkzeugmaschinen (9)

VARTA Storage (1)

VMT (1)

WAGO (67)

Weidmueller (15)

Welotec (4)

Wiesemann & Theis (7)

Archive

2025

September (1)
August (10)
July (13)
June (12)
May (9)
April (5)
March (8)
February (4)
January (5)

2024

December (4)
November (3)
October (8)
September (8)
August (9)
July (7)
June (4)
May (4)
April (3)
March (2)
February (6)
January (7)

2023

December (14)
November (5)
October (5)
September (5)
August (13)
July (5)
June (3)
May (4)
April (1)
March (3)
February (3)
January (2)

2022

December (5)
November (10)
October (5)
September (7)
August (4)
July (4)
June (7)
May (3)
April (11)
March (5)
January (5)

2021

December (2)
November (6)
October (5)
September (2)
August (10)
July (3)
June (9)
May (6)
April (2)
March (3)
February (3)
January (4)

2020

December (4)
November (3)
October (6)
September (8)
August (1)
July (3)
June (4)
May (2)
March (12)
February (2)

2019

December (2)
October (3)
September (1)
June (4)
May (2)
March (6)
January (1)

2018

October (1)
September (1)
August (2)
July (3)
May (4)
March (1)
February (1)
January (2)

2017

December (2)
November (1)
September (1)
March (1)

Legend

(Scoring for CVSS 2.0,3.0+3.1)

None

No CVE available

Low

0.1 <= 3.9

Medium

4.0 <= 6.9

High

7.0 <= 8.9

Critical

9.0 <= 10.0