PT-2025-13519 · Unknown · Satech Bcu
Aarón Flecha · Published 2025-03-28 · Updated 2025-03-28
CVE-2025-2861
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
SaTECH BCU version 2.1.3
Description
The issue concerns the use of the HTTP protocol for web browsing, which exchanges information in cleartext. Sensitive data, such as credentials, is therefore transmitted unencrypted and could be obtained by an attacker, who could then log in as a legitimate user.
Recommendations
For SaTECH BCU version 2.1.3, consider disabling the use of the HTTP protocol for sensitive transactions until a secure alternative, such as HTTPS, is implemented. Restrict access to sensitive data and credentials to minimize the risk of exploitation.
Fix
Cleartext Transmission of Sensitive Information
Weakness Enumeration
Related Identifiers
Affected Products
Satech Bcu