CVE-2025-26409

Access to Bootloader and Shell Over Serial Interface

CVSS 6.8 MEDIUM | EPSS 0.3% | CWE-1191 | CWE-1299
In short

Wattsense Bridge devices have a serial port on their circuit board that allows anyone with physical access to log in as root or control the bootloader, potentially taking over the device.

Technical detail

Physical access to the PCB serial interface gives access to the bootloader and to a root shell without credentials. An attacker with physical access to the device can use the unprotected serial port to modify firmware or execute arbitrary commands with elevated privileges.

Summary generated and translated by AI from the official description.
A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in recent firmware versions BSP >= 6.4.1.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
