Primary

Context

Arteche saTECH BCU HTTP Protocol Vulnerability Allowing Credential Theft

Vulnerability

A vulnerability exists in Arteche's saTECH BCU control and automation equipment, specifically in firmware version 2.1.3. The issue arises from the use of the unencrypted HTTP protocol for web browsing, which exposes sensitive data such as credentials to interception by attackers. This vulnerability could allow an attacker to capture credentials and gain unauthorized access to the device.

Impact

Exploitation of this vulnerability could lead to the interception of unencrypted credentials, allowing attackers to log in to the affected device legitimately.

Remediation

Users can upgrade to saTECH BCU firmware version 2.2.1 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Arteche saTECH BCU HTTP Protocol Vulnerability Allowing Credential Theft

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating