CVE-2025-2864
Reflected Cross-Site Scripting (XSS) vulnerability in saTECH BCU
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning the affected device, once the cookie is set. This attack only impacts the victim's browser (reflected XSS).
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:L/SA:N
Affected products
Arteche · saTECH BCUWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →