Satech Bcu Firmware
CVE-2025-2862
MEDIUM
Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption.
AnalysisAI
SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-261. SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption. Affected products include: Arteche Satech Bcu Firmware. Version information: version 2.1.3.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Satech Bcu Firmware
View allPrivilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. Rated high severity (CVSS 8.5), this vulner
An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal the activ
SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information about the credentials t
SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. Rated medium severity (CVSS 6.9), this vulnerability is
Cross-site request forgery (CSRF) vulnerability in the web application of saTECH BCU firmware version 2.1.3, which could
SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning
Same weakness CWE-261 – Weak Encoding for Password
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today