CVE-2025-3925

BrightSign Players Execution with Unnecessary Privileges

Description

BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 contain an execution with unnecessary privileges vulnerability, allowing for privilege escalation on the device once code execution has been obtained.

Remediation

Solution:

  • BrightSign fixed CVE-2025-3925 https://www.cve.org/CVERecord in v8.5.53.1 (for series 4 players) and v9.0.166 (for series 5 players). Both of these have been released and available on the BrightSign download site. https://www.brightsign.biz/resources/software-downloads/ For more information, please contact BrightSign via their website. https://www.brightsign.biz/contact-us/

Workaround:

  • BrightSign recommends the following security practices: * Change default passwords when the device is initially set up. * Disable the local DWS as described in "High Security settings". * Disable the SSH/telnet server when not being used - it is not enabled by default. * Devices should be located where an attacker does not have physical access to the device. * SD and USB ports can be disabled if not needed. For more information, please contact BrightSign via their website. https://www.brightsign.biz/contact-us/

Category

8.5
CVSS
Severity: High
CVSS 4.0 •
CVSS 3.1 •
EPSS 0.01%
Affected: BrightSign BrightSign OS series 4 players
Affected: BrightSign BrightSign OS series 5 players
Published at:
Updated at:

References

Link Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-03
https://www.brightsign.biz/resources/software-downloads/

Frequently Asked Questions

What is the severity of CVE-2025-3925?
CVE-2025-3925 has been scored as a high severity vulnerability.
How to fix CVE-2025-3925?
To fix CVE-2025-3925: BrightSign fixed CVE-2025-3925 https://www.cve.org/CVERecord in v8.5.53.1 (for series 4 players) and v9.0.166 (for series 5 players). Both of these have been released and available on the BrightSign download site. https://www.brightsign.biz/resources/software-downloads/ For more information, please contact BrightSign via their website. https://www.brightsign.biz/contact-us/
Is CVE-2025-3925 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-3925 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-3925?
CVE-2025-3925 affects BrightSign BrightSign OS series 4 players, BrightSign BrightSign OS series 5 players.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.