CVE-2025-2862
HIGHDescription
SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption.
Is your site exposed to CVE-2025-2862?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| arteche | satech_bcu_firmware |
| arteche | satech_bcu |
References
Frequently Asked Questions
What is CVE-2025-2862? +
How severe is CVE-2025-2862? +
What products are affected by CVE-2025-2862? +
How do I check if I'm vulnerable to CVE-2025-2862? +
Related Vulnerabilities
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is …
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after …
The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within …
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, …
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may …
Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data …