← volver
CVE-2025-41257

Suprema BioStar 2 Insecure Password Change

CVSS 4.8 MEDIUMEPSS 0.2%CWE-20
Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the current one. Exploiting this flaw combined with other vulnerabilities can lead to unauthorized account access and potential system compromise.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Productos afectados
Suprema · BioStar 2

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20251104-02_Suprema_BioStar_2_Insecure_Password_Changehttps://www.supremainc.com/en/platform/hybrid-security-platform-biostar-2.asp