CVE-2025-2858HIGH 8.8EPSS p15.4%

CVE-2025-2858CVE-2025-2858

Description

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.24% probability of exploitation · percentile 15.4% · 2026-06-19T12:03:05Z
Published2025-03-28
Last modified2025-10-15

Underlying weaknesses· 1

CWE-269

References

  1. https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu

1

TypeTargetConfidenceTier
WeaknessImproper Privilege Managementcwe-2690%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-12424
CVE
CVE-2025-65807
CVE
CVE-2025-8693
CVE
CVE-2025-52690
CVE
CVE-2025-0593
CVE
CVE-2025-0592
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.