PT-2025-13516 · Satech · Satech Bcu Firmware

Aarón Flecha

Published

2025-03-28

Updated

2025-10-15

CVE-2025-2858

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions saTECH BCU firmware version 2.1.3

Description A privilege escalation issue exists in the saTECH BCU firmware, allowing an attacker with access to the device's Command Line Interface (CLI) to bypass restrictions and elevate privileges to a superuser using the nice command. This issue is considered critical and requires immediate attention.

Recommendations For saTECH BCU firmware version 2.1.3, apply the necessary patch to fix the privilege escalation vulnerability. As a temporary workaround, consider restricting access to the CLI and limiting the use of the nice command to minimize the risk of exploitation.

Fix

LPE

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2025-2858

Affected Products

Satech Bcu Firmware

PT-2025-13516 · Satech · Satech Bcu Firmware

CVE-2025-2858

Weakness Enumeration

Related Identifiers

Affected Products

References · 6