CVE-2025-25735 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.6 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
mitre	CNA	---				---
CISA-ADP	ADP	4.6 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 10%

Vendor	Product	Version
kapsch	ris-9160_firmware	3.2.0.829.23
kapsch	ris-9160_firmware	3.8.0.1119.42
kapsch	ris-9160_firmware	4.6.0.1211.28
kapsch	ris-9260_firmware	3.2.0.829.23
kapsch	ris-9260_firmware	3.8.0.1119.42
kapsch	ris-9260_firmware	4.6.0.1211.28

𝑥

= Vulnerable software versions

Known Exploits!

https://phrack.org/issues/72/16_md

Common Weakness Enumeration

CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

References

https://cwe.mitre.org/data/definitions/1233.html

https://phrack.org/issues/72/16_md

https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf

https://www.kapsch.net/_Resources/Persistent/55fb8d0fb279262809eac88d457894db1b3efcd5/Kapsch_RIS-9160_Datasheet_EN.pdf

https://www.kapsch.net/en

https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en