Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb) and enabled by default, allowing unauthenticated root shell access to the cellular modem via the default 'kapsch' user.
Conclusion & alert: CVE-2025-25736 is rated Exploit Available (50.1/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.30%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.05% | 0.30% | +0.25% |
| 2 | 2026-05-01 | 0.03% | 0.05% | +0.02% |
| 3 | 2025-10-23 | — | 0.03% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.8 | 3.1 | MEDIUM |
|
0.9 | 5.9 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| kapsch | ris-9160_firmware | 3.2.0.829.23 | cpe:2.3:o:kapsch:ris-9160_firmware:3.2.0.829.23:*:*:*:*:*:*:* |
| kapsch | ris-9160_firmware | 3.8.0.1119.42 | cpe:2.3:o:kapsch:ris-9160_firmware:3.8.0.1119.42:*:*:*:*:*:*:* |
| kapsch | ris-9160_firmware | 4.6.0.1211.28 | cpe:2.3:o:kapsch:ris-9160_firmware:4.6.0.1211.28:*:*:*:*:*:*:* |
| kapsch | ris-9260_firmware | 3.2.0.829.23 | cpe:2.3:o:kapsch:ris-9260_firmware:3.2.0.829.23:*:*:*:*:*:*:* |
| kapsch | ris-9260_firmware | 3.8.0.1119.42 | cpe:2.3:o:kapsch:ris-9260_firmware:3.8.0.1119.42:*:*:*:*:*:*:* |
| kapsch | ris-9260_firmware | 4.6.0.1211.28 | cpe:2.3:o:kapsch:ris-9260_firmware:4.6.0.1211.28:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://cwe.mitre.org/data/definitions/306.html | Technical Description |
| https://phrack.org/issues/72/16_md | Exploit Third Party Advisory |
| https://www.kapsch.net/_Resources/Persistent/3d251a8445e0bf50093903ad70b3dbed34dec7e7/KTC-CVS_RIS-9260_DataSheet.pdf | Broken Link |
| https://www.kapsch.net/en | Product |
| https://www.kapsch.net/en/press/releases/ktc-20200813-pr-en | Product |