exploitDog

CVE-2025-2858

Опубликовано: 28 мар. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:arteche:satech_bcu_firmware:2.1.3:*:*:*:*:*:*:*

cpe:2.3:h:arteche:satech_bcu:-:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00173

Низкий

8.8 High

CVSS3

Дефекты

CWE-269

Связанные уязвимости

GHSA-74w3-v342-q9gv

CVSS3: 8.8

github

11 месяцев назад

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser.

EPSS

Процентиль: 39%

0.00173

Низкий

8.8 High

CVSS3

Дефекты

CWE-269