CVE-2025-2858
Published: 28 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-2858 is a privilege escalation vulnerability (CWE-269) affecting the saTECH BCU firmware version 2.1.3. It allows an attacker with access to the device's command-line interface (CLI) to exploit the "nice" command, bypassing all restrictions to elevate privileges to superuser level. The vulnerability has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.
An attacker requires low privileges (PR:L) and network access to the device (AV:N) with low attack complexity and no user interaction needed. With CLI access, the exploit involves invoking the "nice" command to circumvent security controls, granting full superuser capabilities. This enables complete control over the device, potentially leading to unauthorized data access, modification of configurations, or disruption of operations.
For mitigation details, refer to the INCIBE-CERT advisory on multiple vulnerabilities in Arteche saTECH BCU: https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a privilege escalation vulnerability (CWE-269) in the device's CLI that allows exploitation of the 'nice' command to bypass restrictions and gain superuser access from low-privileged network-accessible CLI, directly mapping to T1068: Exploitation for Privilege Escalation.