VYPR

saTECH BCU

by Arteches

CVEs (2)

  • CVE-2025-2859CriMar 28, 2025
    risk 0.64cvss 9.8epss 0.00

    An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal the active user session and make changes to the device via web, depending on the privileges obtained by the user.

  • CVE-2025-2858HigMar 28, 2025
    risk 0.57cvss 8.8epss 0.00

    Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser.