Ris 9160 Firmware

6 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-25737 MEDIUM POC This Week

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Brute Force Ris 9160 Firmware Ris 9260 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-25736 MEDIUM POC This Week

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Ris 9160 Firmware Ris 9260 Firmware Android
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-25735 MEDIUM POC Monitor

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ris 9160 Firmware Ris 9260 Firmware
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-25734 MEDIUM POC This Week

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Ris 9160 Firmware Ris 9260 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-25733 LOW POC Monitor

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ris 9160 Firmware Ris 9260 Firmware
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-25732 MEDIUM POC This Week

Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ris 9160 Firmware Ris 9260 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-25737
EPSS 0% CVSS 6.8
MEDIUM POC This Week

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Brute Force Ris 9160 Firmware +1
NVD
CVE-2025-25736
EPSS 0% CVSS 6.8
MEDIUM POC This Week

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Ris 9160 Firmware +2
NVD
CVE-2025-25735
EPSS 0% CVSS 4.6
MEDIUM POC Monitor

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ris 9160 Firmware Ris 9260 Firmware
NVD
CVE-2025-25734
EPSS 0% CVSS 6.8
MEDIUM POC This Week

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Ris 9160 Firmware +1
NVD
CVE-2025-25733
EPSS 0% CVSS 3.5
LOW POC Monitor

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ris 9160 Firmware Ris 9260 Firmware
NVD
CVE-2025-25732
EPSS 0% CVSS 6.8
MEDIUM POC This Week

Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ris 9160 Firmware Ris 9260 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy