CVE-2025-41646
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kunbus | Revolution Pi webstatus | 0.0.0 <= 2.4.5 | affected |
Weaknesses
- CWE-704: CWE-704 Incorrect Type Conversion or Cast
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003
- https://psirt.kunbus.com/.well-known/csaf/white/2025/kunbus-2025-0000003.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.