ГлавнаяУязвимости → CVE-2025-41761
7.8высокая

CVE-2025-41761

Описание

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.

Затрагиваемое ПО
Mbs-solutions Universal bacnet router firmwareMbs-solutions Ubr-01 mk iiMbs-solutions Ubr-02Mbs-solutions Ubr-lon
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.mbs-solutions.de/mbs-2025-0001