Vulnerability Details CVE-2025-2859
An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal the active user session and make changes to the device via web, depending on the privileges obtained by the user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 57.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-2859
-
cpe:2.3:h:arteche:satech_bcu:-
-
cpe:2.3:o:arteche:satech_bcu_firmware:2.1.3