Cyber Posture

CVE-2025-2862

High

Published: 28 March 2025

Published
28 March 2025
Modified
15 October 2025
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0025 47.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-2862 is a high-severity Weak Encoding for Password (CWE-261) vulnerability in Arteche Satech Bcu Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unsecured Credentials (T1552); ranked at the 47.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).

Threat & Defense at a Glance

What attackers do: exploitation maps to Unsecured Credentials (T1552) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

IA-5 Authenticator Management good match
prevent

IA-5 requires secure management of authenticators including passwords, directly addressing weak encryption and storage to prevent credential extraction.

SC-28 Protection of Information at Rest good match
prevent

SC-28 mandates cryptographic protection for information at rest, comprehensively mitigating extraction of weakly encrypted credentials from device storage.

SI-2 Flaw Remediation good match
prevent

SI-2 ensures timely remediation of flaws like the weak password encryption in firmware version 2.1.3, preventing exploitation of this specific vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1552 Unsecured Credentials Credential Access
Adversaries may search compromised systems to find and obtain insecurely stored credentials.
attack.mitre.org →
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
attack.mitre.org →
Why these techniques?

Weak password encryption and insecure storage methods directly enable credential extraction from device storage, mapping to T1552 Unsecured Credentials and T1552.001 Credentials In Files.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption.

Deeper analysisAI

CVE-2025-2862 is a vulnerability in the SaTECH BCU firmware version 2.1.3, where weak password encryption is implemented, classified under CWE-261. The issue stems from storage methods that lack sufficient encryption strength, enabling credential extraction. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high severity due to network accessibility, low attack complexity, and no requirements for privileges or user interaction.

An unauthenticated attacker with access to the device's system or website can exploit this vulnerability to obtain stored credentials. Exploitation requires no privileges and can occur remotely over the network with low complexity, resulting in high-impact confidentiality loss without affecting integrity or availability.

The INCIBE-CERT advisory (https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu), published on 2025-03-28, addresses multiple vulnerabilities in Arteches SaTECH BCU, including CVE-2025-2862.

Details

CWE(s)
CWE-261

Affected Products

arteche
satech bcu firmware
2.1.3

CVEs Like This One

CVE-2025-2858Same product: Arteche Satech Bcu
CVE-2025-2859Same product: Arteche Satech Bcu
CVE-2025-2863Same product: Arteche Satech Bcu
CVE-2025-2861Same product: Arteche Satech Bcu
CVE-2025-31229Shared CWE-261

References