CNNVD-202508-3095 Information

Aug 26, 2025 cve

CNNVD ID

CNNVD-202508-3095

CVE-2025-25735

CNNVD Published: 2025-08-26

Description (Chinese)

Kapsch TrafficCom RIS-9260和Kapsch TrafficCom RIS-9160都是奥地利Kapsch TrafficCom公司的一款道路测单元，具有智能交通中的车联网通信与协同管理功能。 Kapsch TrafficCom RIS-9260和Kapsch TrafficCom RIS-9160 Roadside Units 3.2.0.829.23版本、3.8.0.1119.42版本和4.6.0.1211.28版本存在安全漏洞，该漏洞源于缺少SPI Protected Range Registers，可能导致实时修改SPI flash。

Description (English)

Kapsch TrafficCom RIS-9260 and Kapsch TrafficCom RIS-9160 are all road survey units of Kapsch TrafficCom, Austria, with network communication and co-management functions in intelligent traffic. Kapsch TrafficCom RIS-9260 and Kapsch TrafficCom RIS-9160 Roadside Uniteds 3.2.0.829.23, 3.8.0119.42 and 4.6.1.211.28 have security gaps, which stem from the lack of SPI developed Range Registers, which may result in real-time changes to SPI flash.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Kapsch TrafficCom

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en https://www.kapsch.net/_Resources/Persistent/55fb8d0fb279262809eac88d457894db1b3efcd5/Kapsch_RIS-9160_Datasheet_EN.pdf https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf https://phrack.org/issues/72/16_md https://cwe.mitre.org/data/definitions/1233.html https://nvd.nist.gov/vuln/detail/CVE-2025-25735

Share on: