CNNVD-202508-3091 Information

Aug 26, 2025 cve

CNNVD ID

CNNVD-202508-3091

CVE-2025-25734

CNNVD Published: 2025-08-26

Description (Chinese)

Kapsch TrafficCom RIS-9260 RSU LEO和Kapsch TrafficCom RIS-9160都是奥地利Kapsch TrafficCom公司的一款道路测单元，具有智能交通中的车联网通信与协同管理功能。 Kapsch TrafficCom RIS-9260 RSU LEO和Kapsch TrafficCom RIS-9160 3.2.0.829.23版本、3.8.0.1119.42版本和4.6.0.1211.28版本存在安全漏洞，该漏洞源于未经验证的EFI shell，可能导致启动过程中执行任意代码或权限提升。

Description (English)

Kapsch TrafficCom RIS-9260 RSU LEO and Kapsch TrafficCom RIS-9160 are all road survey units of Kapsch TrafficCom, Austria, which function as a networked communications and co-management function in intelligent traffic. Kapsch TrafficCom RIS-9260 RSU LEO and Kapsch TrafficCom RIS-9160 3.2.0.829.23 versions, 3.8.0.1119.42 and 4.6.0.1211.28 have security gaps that originate from unverified EFI Shell and may lead to the implementation of any code or upgrade of authority during the start-up process.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Kapsch TrafficCom

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en https://www.kapsch.net/_Resources/Persistent/55fb8d0fb279262809eac88d457894db1b3efcd5/Kapsch_RIS-9160_Datasheet_EN.pdf https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf https://phrack.org/issues/72/16_md https://cwe.mitre.org/data/definitions/1233.html https://nvd.nist.gov/vuln/detail/CVE-2025-25734

Share on: