CVE Vulnerabilities

CVE-2025-2862

Weak Encoding for Password

Published: Mar 28, 2025 | Modified: Mar 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the devices system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption.

Weakness

Obscuring a password with a trivial encoding does not protect the password.

Potential Mitigations

References