CVE-2025-41690

Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions

Description

A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters.

INFO

Published Date :

2025-09-02T08:12:13.946Z

Last Modified :

2025-09-02T13:48:59.186Z

Source :

CERTVDE

AFFECTED PRODUCTS

The following products are affected by CVE-2025-41690 vulnerability.

Vendors	Products
Endress+hauser	Proline 10

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-41690.

URL	Resource
https://certvde.com/en/advisories/VDE-2025-068

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact