MEDIUM🇵🇱 Wersja polska

CVE-2025-25734

CVSS 6.8v3.1pub. 2025-08-26upd. 2025-10-22

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Kapsch Ris 9160

    HW
    Kapsch
    wszystkie wersje
  • Kapsch Ris 9160 Firmware

    OS
    Kapsch
    3.2.0.829.233.8.0.1119.424.6.0.1211.28
  • Kapsch Ris 9260

    HW
    Kapsch
    wszystkie wersje
  • Kapsch Ris 9260 Firmware

    OS
    Kapsch
    3.2.0.829.233.8.0.1119.424.6.0.1211.28
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCELPE
CWE
References

Related vulnerabilities

CVE-2025-25732MEDIUM6.8ten sam produkt

Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs...

CVE-2025-25735MEDIUM4.6ten sam produkt

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 ...

CVE-2025-25736MEDIUM6.8ten sam produkt

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contai...

CVE-2025-25737MEDIUM6.8ten sam produkt

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 ...

CVE-2025-25733LOW3.5ten sam produkt

Nieprawidłowa kontrola dostępu w pamięci SPI Flash urządzeń przydrożnych Kapsch TrafficCom RIS-9160 i RIS-9260...