CVE-2025-41646

Published: Jun 6, 2025Modified: Jun 10, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: info@cert.vde.com (Secondary)

Description

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

Affected (1)

Products: Kunbus: Revpi Status

Kunbus

1 product

Revpi Status

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kunbus Revpi Status	Before 2.4.6

Related CWEs

CWE-704

Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

References (2)

https://psirt.kunbus.com/.well-known/csaf/white/2025/kunbus-2025-0000003.json

Source: info@cert.vde.com

Product

https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003

Source: info@cert.vde.com

Vendor Advisory

Timeline

No history available yet.