ICSA-25-191-09 · Published 2025-07-10
KUNBUS RevPi Webstatus
CVSS 9.8 (CRITICAL)
Risk Summary
Successful exploitation of this vulnerability could allow attackers to bypass authentication and gain unauthorized access to the application.
CVEs (1)
Remediations
KUNBUS has identified the following specific workarounds and mitigations users can apply to reduce risk:
- For Revolution Pi Webstatus Version 2.4.5 and prior: Install the updated package Version 2.4.6 either using apt-get update && apt-get upgrade or download it manually and install via dpkg.
- For more information, see the associated KUNBUS PSIRT security advisory, Kunbus-2025-0000003.
Affected Vendors
KUNBUS
Affected Products (6)
- KUNBUS · Revolution Pi Webstatus: <=2.4.5
- KUNBUS · Revolution Pi OS Bullseye: 04/2024
- KUNBUS · Revolution Pi OS Bullseye: 09/2023
- KUNBUS · Revolution Pi OS Bullseye: 07/2023
- KUNBUS · Revolution Pi OS Bullseye: 06/2023
- KUNBUS · Revolution Pi OS Bullseye: 02/2024
Affected Sectors
Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater Systems