CVE-2025-0867

CRITICAL

MEAC - Privilege Escalation

Title source: llm

Description

The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level.

References (6)

[Various Sources] https://sick.com/psirt

[Various Sources] https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF

[Third Party Advisory, US Government Resource] https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

[Various Sources] https://www.first.org/cvss/calculator/3.1

[Various Sources] https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.pdf

[Various Sources] https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.json

Scores

CVSS v3 9.9

EPSS 0.0017

EPSS Percentile 38.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-522

Status published

Products (1)

SICK AG/SICK MEAC300 < 4.0.54.21

Published Feb 14, 2025

Tracked Since Feb 18, 2026