CNNVD-202508-3090 Information

Aug 26, 2025 cve

CNNVD ID

CNNVD-202508-3090

CVE-2025-25737

CNNVD Published: 2025-08-26

Description (Chinese)

Kapsch TrafficCom RIS-9260 RSU LEO和Kapsch TrafficCom RIS-9160都是奥地利Kapsch TrafficCom公司的一款道路测单元，具有智能交通中的车联网通信与协同管理功能。 Kapsch TrafficCom RIS-9260 RSU LEO和Kapsch TrafficCom RIS-9160 3.2.0.829.23、3.8.0.1119.42和4.6.0.1211.28版本存在安全漏洞，该漏洞源于BIOS Supervisor和User账户密码要求不严格，可能导致暴力破解绕过认证。

Description (English)

Kapsch TrafficCom RIS-9260 RSU LEO and Kapsch TrafficCom RIS-9160 are all road survey units of Kapsch TrafficCom, Austria, which function as a networked communications and co-management function in intelligent traffic. Kapsch TrafficCom RIS-9260 RSU LEO and Kapsch TrafficCom RIS-9160 3.2.00.829.23, 3.8.0.1119.42 and 4.6.1.211.28 have security loopholes that stem from the rigidity of password requirements in the accounts of BIOS Supervisor and User, which may lead to violent deciphering of authentication.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Kapsch TrafficCom

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en https://www.kapsch.net/_Resources/Persistent/55fb8d0fb279262809eac88d457894db1b3efcd5/Kapsch_RIS-9160_Datasheet_EN.pdf https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf https://phrack.org/issues/72/16_md https://cwe.mitre.org/data/definitions/521.html https://nvd.nist.gov/vuln/detail/CVE-2025-25737

Share on: