QwikSec

Security Database

CVE

CWE

Training

CVE-2025-26409

Published: Feb 11, 2025

Modified: Nov 3, 2025

PUBLISHED

Description

A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in recent firmware versions BSP >= 6.4.1.

Vendor	Product	Versions
Wattsense	Wattsense Bridge	affected `0 - < 6.4.1`

Weaknesses (CWE)

References

https://r.sec-consult.com/wattsense

third-party-advisory

https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes

release-notes

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.