Vulnerability Details CVE-2025-2864
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning the affected device, once the cookie is set. This attack only impacts the victim's browser (reflected XSS).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.2%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2025-2864
-
cpe:2.3:h:arteche:satech_bcu:-
-
cpe:2.3:o:arteche:satech_bcu_firmware:2.1.3