{"id":69793,"date":"2025-09-01T14:19:54","date_gmt":"2025-09-01T14:19:54","guid":{"rendered":""},"modified":"2025-10-02T00:14:29","modified_gmt":"2025-10-02T06:14:29","slug":"cve-2025-25737-critical-vulnerability-in-kapsch-trafficcom-rsus-due-to-lack-of-secure-password-requirements","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-25737-critical-vulnerability-in-kapsch-trafficcom-rsus-due-to-lack-of-secure-password-requirements\/","title":{"rendered":"CVE-2025-25737: Critical Vulnerability in Kapsch TrafficCom RSUs Due to Lack of Secure Password Requirements<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The Common Vulnerabilities and Exposures (CVE) system has identified a significant security flaw in Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs). These systems, which are used to manage traffic flow and provide roadside communication, were discovered to lack secure password requirements for its BIOS Supervisor and User accounts. This lack of security places the systems, and potentially the data<\/a> they manage, at severe risk. Given how integral these systems are to traffic management and safety, the potential consequences of this vulnerability<\/a> are substantial and wide-reaching.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-25737
\nSeverity: Critical (9.8\/10.0)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: System compromise<\/a>, data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n