{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "The display unit of the Endress+Hauser MCS200HW is affected by a sudo chroot vulnerability.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "If exploited, this vulnerability could potentially allow an unauthenticated attacker to compromise the availability, integrity, and confidentiality of the Endress+Hauser MCS200HW.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "As a temporary mitigation measure, both system and network access to the affected functionality should be strictly restricted. Access should be limited to authorized personnel only, and exposure to external or untrusted networks should be minimized or fully blocked until an update of the display firmware has been completed.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Endress+Hauser has released updated firmware versions that address this vulnerability.\n\nThe display unit's firmware versions below 4.3.4 are affected. To address the vulnerability, customers are strongly recommended to update the display unit of their devices to firmware version 4.3.4.\n\nEndress+Hauser will include this firmware version in the MCS200HW products starting with version 1.11.5.6R.\n\nAlternatively, customers can contact Endress+Hauser directly to obtain the updated display firmware, or download the original firmware - including update instructions - from the Phoenix Contact website referenced below.\n\nCustomers are strongly advised to upgrade to the latest fixed version. For assistance, please contact your local Endress+Hauser service center.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "Endress+Hauser recommends operating these solutions in a secure environment and restricting access to components to authorized personnel only.",
        "title": "General Recommendation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@endress.com",
      "name": "Endress+Hauser AG",
      "namespace": "https://www.endress.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Endress+Hauser",
        "url": "https://www.endress.com"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Endress+Hauser",
        "url": "https://certvde.com/en/advisories/vendor/endress+hauser"
      },
      {
        "category": "self",
        "summary": "VDE-2026-032: Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2026-032"
      },
      {
        "category": "self",
        "summary": "VDE-2026-032: Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW - CSAF",
        "url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-032.json"
      },
      {
        "category": "external",
        "summary": "Standalone display firmware, update procedure and further details",
        "url": "https://www.phoenixcontact.com/de-de/produkte/touch-panel-wp-6121-wxps-1290802"
      }
    ],
    "title": "Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW",
    "tracking": {
      "aliases": [
        "VDE-2026-032"
      ],
      "current_release_date": "2026-04-21T07:00:00.000Z",
      "generator": {
        "date": "2026-04-21T07:50:11.925Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.44"
        }
      },
      "id": "VDE-2026-032",
      "initial_release_date": "2026-04-21T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-04-21T07:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial version"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "branches": [
                      {
                        "category": "product_version_range",
                        "name": "vers:all/*",
                        "product": {
                          "name": "Endress+Hauser MCS200HW all versions",
                          "product_id": "CSAFPID-11001",
                          "product_identification_helper": {
                            "cpe": "cpe:2.3:h:endress_hauser:mcs200hw:*:*:*:*:*:*:*:*"
                          }
                        }
                      }
                    ],
                    "category": "product_name",
                    "name": "MCS200HW"
                  }
                ],
                "category": "product_family",
                "name": "Extractive Analyzer"
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:generic/<1.11.5.6R",
                "product": {
                  "name": "Firmware <1.11.5.6R",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "1.11.5.6R",
                "product": {
                  "name": "Firmware 1.11.5.6R",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Endress+Hauser"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser MCS200HW with firmware <1.11.5.6R",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser MCS200HW with firmware 1.11.5.6R",
          "product_id": "CSAFPID-32001",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress:mcs200hw_firmware:1.11.5.6r:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-32463",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001"
        ],
        "known_affected": [
          "CSAFPID-31001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVSS 4.0 Score",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The display unit's firmware versions below 4.3.4 are affected. To address the vulnerability, customers are strongly recommended to update the display unit of their devices to firmware version 4.3.4.\n\nEndress+Hauser will include this firmware version in the MCS200HW products starting with version 1.11.5.6R.\n\nAlternatively, customers can contact Endress+Hauser directly to obtain the updated display firmware, or download the original firmware - including update instructions - from the Phoenix Contact website referenced below.",
          "product_ids": [
            "CSAFPID-31001"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a temporary mitigation measure, both system and network access to the affected functionality should be strictly restricted. Access should be limited to authorized personnel only, and exposure to external or untrusted networks should be minimized or fully blocked until an update of the display firmware has been completed.",
          "product_ids": [
            "CSAFPID-31001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001"
          ]
        }
      ],
      "title": "CVE-2025-32463"
    }
  ]
}