CNNVD-202508-3092 Information

CNNVD ID

CNNVD-202508-3092

Related CVE

CVE-2025-25733

• CNNVD Published: 2025-08-26

Description (Chinese)

Kapsch TrafficCom RIS-9260 RSU LEO和Kapsch TrafficCom RIS-9160都是奥地利Kapsch TrafficCom公司的一款道路测单元，具有智能交通中的车联网通信与协同管理功能。 Kapsch TrafficCom RIS-9160和Kapsch TrafficCom RIS-9260 RSU LEO 3.2.0.829.23版本、3.8.0.1119.42版本和4.6.0.1211.28版本存在安全漏洞，该漏洞源于SPI Flash Chip访问控制不当，可能导致设备安全状态降级。

Description (English)

Kapsch TrafficCom RIS-9260 RSU LEO and Kapsch TrafficCom RIS-9160 are all road survey units of Kapsch TrafficCom, Austria, which function as a networked communications and co-management function in intelligent traffic. Kapsch TrafficCom RIS-9160 and Kapsch TrafficCom RIS-9260 RSU LEO 3.2.0.829.23, 3.8.0119.42 and 4.6.012.128 have security gaps that stem from inadequate access controls of SPI Flash Chip, which may lead to a downgrading of the security status of the equipment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kapsch TrafficCom

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en https://www.kapsch.net/_Resources/Persistent/55fb8d0fb279262809eac88d457894db1b3efcd5/Kapsch_RIS-9160_Datasheet_EN.pdf https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf https://phrack.org/issues/72/16_md https://cwe.mitre.org/data/definitions/1233.html https://nvd.nist.gov/vuln/detail/CVE-2025-25733