{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination ",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "high"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability was discovered in several Endress+Hauser products that can be accessed via ethernet.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "This vulnerability allows a remote unauthenticated attacker to modify the IP address of the\nproduct through the SopasET interface, potentially leading to Denial of Service. There are currently no\nknown public exploits specifically targeting this vulnerability.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Restrict device access to trusted and authorized entities only. Apply the general security measures during product operation to mitigate the identified security risk. \nRefer to the ICS‑CERT Recommended Practices for Industrial Security for additional guidance.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "No remediation available.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "Endress+Hauser recommends operating these solutions in a secure environment and restricting access to components to authorized personnel only.",
        "title": "General Recommendation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@endress.com",
      "name": "Endress+Hauser AG",
      "namespace": "https://www.endress.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Endress+Hauser",
        "url": "https://www.endress.com"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Endress+Hauser",
        "url": "https://certvde.com/en/advisories/vendor/endress+hauser"
      },
      {
        "category": "self",
        "summary": "VDE-2026-045: Endress+Hauser: Multiple products affected by SopasET interface vulnerability - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2026-045"
      },
      {
        "category": "self",
        "summary": "VDE-2026-045: Endress+Hauser: Multiple products affected by SopasET interface vulnerability - CSAF",
        "url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-045.json"
      },
      {
        "category": "external",
        "summary": "ICS‑CERT Recommended Practices for Industrial Security",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices."
      }
    ],
    "title": "Endress+Hauser: Multiple products affected by SopasET interface vulnerability",
    "tracking": {
      "aliases": [
        "VDE-2026-045"
      ],
      "current_release_date": "2026-07-16T10:00:00.000Z",
      "generator": {
        "date": "2026-07-08T06:37:17.048Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.44"
        }
      },
      "id": "VDE-2026-045",
      "initial_release_date": "2026-07-16T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-07-16T10:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial version"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "MARSIC200",
                    "product": {
                      "name": "MARSIC200",
                      "product_id": "CSAFPID-11001",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:marsic200:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MARSIC280",
                    "product": {
                      "name": "MARSIC280",
                      "product_id": "CSAFPID-11002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:marsic280:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MARSIC300",
                    "product": {
                      "name": "MARSIC300",
                      "product_id": "CSAFPID-11003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:marsic300:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MCS100FT",
                    "product": {
                      "name": "MCS100FT ",
                      "product_id": "CSAFPID-11004",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mcs100ft:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MCS200HW",
                    "product": {
                      "name": "MCS200HW",
                      "product_id": "CSAFPID-11005",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mcs200hw:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MCS300P",
                    "product": {
                      "name": "MCS300P",
                      "product_id": "CSAFPID-11006",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mcs300p:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MERCEM300Z",
                    "product": {
                      "name": "MERCEM300Z",
                      "product_id": "CSAFPID-11007",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mercem300z:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "SAM800",
                    "product": {
                      "name": "SAM800",
                      "product_id": "CSAFPID-11008",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:sam800:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "SIPROCESS",
                    "product": {
                      "name": "SIPROCESS",
                      "product_id": "CSAFPID-11009",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:siprocess:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "GMS800",
                    "product": {
                      "name": "GMS800",
                      "product_id": "CSAFPID-11010",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:gms800:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "GMS800 FIDOR",
                    "product": {
                      "name": "GMS800 FIDOR",
                      "product_id": "CSAFPID-11011",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:gms800_fidor:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "GM32",
                    "product": {
                      "name": "GM32",
                      "product_id": "CSAFPID-11012",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:gm32:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "VICOTEC320",
                    "product": {
                      "name": "VICOTEC320",
                      "product_id": "CSAFPID-11013",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:vicotec320:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MCU ETH-Service and Modbus-TCP Module",
                    "product": {
                      "name": "MCU ETH-Service and Modbus-TCP Module",
                      "product_id": "CSAFPID-11014",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mcu_eth_service_and_modbus_tcp_module:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "FLPS",
                    "product": {
                      "name": "FLPS",
                      "product_id": "CSAFPID-11015",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:flps:*:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "MES1B B&B Converter",
                    "product": {
                      "name": "MES1B B&B Converter",
                      "product_id": "CSAFPID-11016",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:h:endress_hauser:mes1b_b_and_b_converter:*:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "Extractive Analyzer"
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "All Firmware versions",
                  "product_id": "CSAFPID-21001",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:endress_hauser:firmware_all:*:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Endress+Hauser"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016"
        ],
        "summary": "Affected products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MARSIC200",
          "product_id": "CSAFPID-31001",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:marsic200_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MARSIC280",
          "product_id": "CSAFPID-31002",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:marsic280_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MARSIC300",
          "product_id": "CSAFPID-31003",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:marsic300_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MCS100FT",
          "product_id": "CSAFPID-31004",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mcs100ft_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MCS200HW",
          "product_id": "CSAFPID-31005",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mcs200hw_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MCS300P",
          "product_id": "CSAFPID-31006",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mcs300p_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MERCEM300Z",
          "product_id": "CSAFPID-31007",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mercem300z_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on SAM800",
          "product_id": "CSAFPID-31008",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:sam800_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on SIPROCESS",
          "product_id": "CSAFPID-31009",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:siprocess_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on GMS800",
          "product_id": "CSAFPID-31010",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:gms800_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on GMS800 FIDOR",
          "product_id": "CSAFPID-31011",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:gms800_fidor_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on GM32",
          "product_id": "CSAFPID-31012",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:gm32_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on VICOTEC320",
          "product_id": "CSAFPID-31013",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:vicotec320_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MCU ETH-Service and Modbus-TCP Module",
          "product_id": "CSAFPID-31014",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mcu_eth_service_and_modbus_tcp_module_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on FLPS",
          "product_id": "CSAFPID-31015",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:flps_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "All Firmware versions installed on MES1B B&B Converter",
          "product_id": "CSAFPID-31016",
          "product_identification_helper": {
            "cpe": "cpe:2.3:o:endress_hauser:mes1b_b_and_b_converter_firmware:*:*:*:*:*:*:*:*"
          }
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11016"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-8751",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP address over Sopas ET. This can lead to Denial of Service. Users are recommended to upgrade both MSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this issue.",
          "title": "CVE Description"
        },
        {
          "audience": "all",
          "category": "details",
          "text": "A vulnerability allows a remote unauthenticated attacker to modify the product's IP address via the SOPAS ET interface, which can lead to a denial-of-service condition.",
          "title": "Vulnerability Details "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Restrict device access to trusted and authorized entities only. Apply the general security measures during product operation to mitigate the identified security risk. \nRefer to the ICS‑CERT Recommended Practices for Industrial Security for additional guidance.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "no_fix_planned",
          "details": "There is no fix planned",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016"
          ]
        }
      ],
      "title": "Vulnerability in SICK MSC800"
    }
  ]
}