Primary

Context

Endress+Hauser MEAC300-FNADE4 Multiple Vulnerabilities

Vulnerability

A vulnerability has been identified in the Endress+Hauser MEAC300-FNADE4 product, all versions, where several credentials for the local PostgreSQL database are stored in plain text, partially base64 encoded. This vulnerability allows for unauthorized access to sensitive database information.

Impact

The vulnerability could be exploited to access and read sensitive information from the PostgreSQL database, potentially leading to further attacks or exploitation of the affected system.

Remediation

Customers are strongly advised to update to the newest version of the MEAC300-FNADE4. For general security, it is recommended to minimize network exposure of the devices, restrict network access, and follow best security practices to maintain a protected IT environment.

Added: Jul 3, 2025, 2:18 PM

Updated: Jul 3, 2025, 2:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

6.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

6.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Endress+Hauser MEAC300-FNADE4 Multiple Vulnerabilities

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating