MEDIUM🇵🇱 Wersja polska

CVE-2025-2862

CVSS 6.9v4.0pub. 2025-03-28upd. 2025-10-15

SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption.

CVSS Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Arteche Satech Bcu

    HW
    Arteche
    wszystkie wersje
  • Arteche Satech Bcu Firmware

    OS
    Arteche
    2.1.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-2858HIGH8.5ten sam produkt

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CL...

CVE-2025-2859MEDIUM6.9ten sam produkt

An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal...

CVE-2025-2860MEDIUM6.9ten sam produkt

SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information about the cre...

CVE-2025-2861MEDIUM6.9ten sam produkt

SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for web browsing...

CVE-2025-2863MEDIUM5.7ten sam produkt

Cross-site request forgery (CSRF) vulnerability in the web application of saTECH BCU firmware version 2.1.3, w...

CVE-2025-2862 — Arteche — Satech Bcu — MEDIUM — CVSS 6.9 | CVEbaza.pl