CVE-2025-26409

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Feb 11, 2025

CWE ID 1191

CWE ID 1299

Summary

CVE-2025-26409 is a vulnerability affecting Wattsense Bridge devices. The issue allows an attacker with physical access to the PCB to access a serial interface, granting them entry to the bootloader and ultimately a root shell on the device. This vulnerability poses a significant risk as it can be exploited even without network access. It is recommended that users update their firmware to the latest version, BSP >= 6.4.1, to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Bridge

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3N0nZA
https://www.cve.org/CVERecord?id=CVE-2025-26409
https://nvd.nist.gov/vuln/detail/CVE-2025-26409

Back to Vulnerability Database