CVE-2025-26409

Name of the Vulnerable Software and Affected Versions: Wattsense Bridge devices versions prior to BSP 6.4.1

Description: A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device.

Recommendations: For versions prior to BSP 6.4.1, update to a recent firmware version BSP >= 6.4.1 to resolve the issue. As a temporary workaround, consider restricting physical access to the PCB of Wattsense Bridge devices to minimize the risk of exploitation.