Security Advisory

CVE-2025-2864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-28 13:23:41

Last updated 2025-03-28 14:32:45

Assigner INCIBE

State PUBLISHED

Description

SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning the affected device, once the cookie is set. This attack only impacts the victims browser (reflected XSS).

← Browse all CVEs View on cve.org ↗