MEDIUM🇬🇧 English

CVE-2025-25737

CVSS 6.8v3.1pub. 2025-08-26upd. 2025-10-22

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Kapsch Ris 9160

    HW
    Kapsch
    wszystkie wersje
  • Kapsch Ris 9160 Firmware

    OS
    Kapsch
    3.2.0.829.233.8.0.1119.424.6.0.1211.28
  • Kapsch Ris 9260

    HW
    Kapsch
    wszystkie wersje
  • Kapsch Ris 9260 Firmware

    OS
    Kapsch
    3.2.0.829.233.8.0.1119.424.6.0.1211.28
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2025-25732MEDIUM6.8ten sam produkt

Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs...

CVE-2025-25734MEDIUM6.8ten sam produkt

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 ...

CVE-2025-25735MEDIUM4.6ten sam produkt

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 ...

CVE-2025-25736MEDIUM6.8ten sam produkt

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contai...

CVE-2025-25733LOW3.5ten sam produkt

Nieprawidłowa kontrola dostępu w pamięci SPI Flash urządzeń przydrożnych Kapsch TrafficCom RIS-9160 i RIS-9260...

CVE-2025-25737 — MEDIUM 6.8 | CVEbaza.pl