CVE-2025-2862
Published: 28 March 2025
Description
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Security Summary
CVE-2025-2862 is a vulnerability in the SaTECH BCU firmware version 2.1.3, where weak password encryption is implemented, classified under CWE-261. The issue stems from storage methods that lack sufficient encryption strength, enabling credential extraction. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high severity due to network accessibility, low attack complexity, and no requirements for privileges or user interaction.
An unauthenticated attacker with access to the device's system or website can exploit this vulnerability to obtain stored credentials. Exploitation requires no privileges and can occur remotely over the network with low complexity, resulting in high-impact confidentiality loss without affecting integrity or availability.
The INCIBE-CERT advisory (https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu), published on 2025-03-28, addresses multiple vulnerabilities in Arteches SaTECH BCU, including CVE-2025-2862.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Weak password encryption and insecure storage methods directly enable credential extraction from device storage, mapping to T1552 Unsecured Credentials and T1552.001 Credentials In Files.