PT-2025-6811 · Sick · Sick Meac300-Fnade4

Published: 2025-02-14 · Updated: 2025-02-20 · CVE-2025-0867

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SICK MEAC300-FNADE4 all versions

Description

The issue allows a standard user to execute commands with administrative privileges by using the run as function to start MEAC applications. This is possible because administrator credentials were stored to enable automatic system startup. As a result, the EPC2 user can perform privilege escalation to the administrative level.

Recommendations

For SICK MEAC300-FNADE4 all versions, avoid storing administrator credentials for automatic system startup to prevent unauthorized privilege escalation in MEAC applications using the run as function.

Fix

LPE

Insufficiently Protected Credentials

Weakness Enumeration

Related Identifiers

BDU:2025-01879
CVE-2025-0867

Affected Products

Sick Meac300-Fnade4