CVE-2025-25732 identifies a vulnerability in the EEPROM component of Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units (RSUs), specifically in firmware versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The root cause is incorrect access control mechanisms that permit an attacker to overwrite password hashes stored in the EEPROM memory. By replacing legitimate password hashes with attacker-controlled hashes, an adversary can escalate privileges to root level on the device. This vulnerability falls under CWE-922 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating a failure to properly restrict access to critical memory regions. Exploitation does not require prior authentication or user interaction, but does require access to the device’s EEPROM interface, which is typically accessible via network or physical means. The CVSS v3.1 base score is 6.8, reflecting a medium severity level with high impact on confidentiality, integrity, and availability. The vulnerability affects critical infrastructure components used in intelligent transportation systems, potentially allowing attackers to manipulate traffic data, disrupt operations, or gain persistent control over RSUs. No public patches or known exploits are currently reported, but the risk remains significant due to the critical nature of the affected devices.

For European organizations, the impact of CVE-2025-25732 is substantial given the role of Kapsch TrafficCom RSUs in managing traffic flow, tolling, and road safety systems. Successful exploitation could lead to unauthorized root access, enabling attackers to alter traffic signals, disable safety features, or inject false data into traffic management systems. This could cause traffic disruptions, accidents, or facilitate broader network intrusions into connected infrastructure. The confidentiality of sensitive operational data would be compromised, integrity of traffic control commands could be violated, and availability of RSUs could be disrupted, potentially leading to denial of service conditions. Given the interconnected nature of European intelligent transportation networks, a compromised RSU could serve as a foothold for lateral movement into other critical systems. The lack of known exploits currently provides a window for proactive mitigation, but the medium severity rating underscores the need for urgent attention.

1. Implement strict physical security controls to prevent unauthorized access to RSU hardware, especially the EEPROM interface. 2. Restrict network access to RSUs using network segmentation, firewalls, and VPNs to limit exposure to trusted administrators only. 3. Monitor RSU logs and network traffic for unusual activities indicative of attempted EEPROM access or password hash modifications. 4. Coordinate with Kapsch TrafficCom for firmware updates or patches addressing this vulnerability and plan timely deployment once available. 5. Employ integrity verification mechanisms for EEPROM contents, such as cryptographic checksums or secure boot processes, to detect unauthorized modifications. 6. Conduct regular security audits and penetration testing focused on RSU devices to identify and remediate access control weaknesses. 7. Develop incident response plans specific to RSU compromise scenarios to minimize operational impact. 8. Educate operational technology (OT) personnel on the risks and signs of exploitation related to this vulnerability.