Lucene search
K

74 matches found

ICS
ICS
added 2025/10/31 5:2 p.m.7 views

Restaurant Brands International assistant platform multiple vulnerabilities

RISK EVALUATION Restaurant Brands International assistant platform is used to manage restaurants owned by RBI. Multiple vulnerabilities were found in the assistant platform. The most severe vulnerabilities chained together could allow a remote, unauthenticated attacker to create an account and...

8.6CVSS7.1AI score0.00443EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.10 views

CVE-2025-62642

The Restaurant Brands International RBI assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker to create a user account...

8.6CVSS7AI score0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.4 views

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

6.4CVSS7AI score0.00358EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.3 views

CVE-2025-62644

The Restaurant Brands International RBI assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticated users...

7.7CVSS6.6AI score0.00417EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.6 views

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

6.5CVSS6.9AI score0.00352EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

5.8CVSS7AI score0.00343EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.3 views

CVE-2025-62649

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...

5.8CVSS7.1AI score0.00488EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62646

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers...

7.7CVSS6.8AI score0.0049EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

8.6CVSS6.9AI score0.00291EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62650

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...

9.9CVSS7.1AI score0.00479EPSS
Exploits0References1
OSV
OSV
added 2025/10/17 9:15 p.m.4 views

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

5.8CVSS5.8AI score0.00352EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.2 views

CVE-2025-62649

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...

5.8CVSS5.8AI score
Exploits0References5
NVD
NVD
added 2025/10/17 9:15 p.m.4 views

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

6.5CVSS0.00352EPSS
Exploits1References5
NVD
NVD
added 2025/10/17 9:15 p.m.4 views

CVE-2025-62650

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...

9.9CVSS0.00479EPSS
Exploits0References5
NVD
NVD
added 2025/10/17 9:15 p.m.3 views

CVE-2025-62649

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...

5.8CVSS0.00488EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.4 views

CVE-2025-62646

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers...

7.7CVSS5.9AI score0.0049EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.3 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

8.6CVSS5.8AI score0.00291EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.3 views

CVE-2025-62644

The Restaurant Brands International RBI assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticated users...

7.7CVSS5.8AI score0.00417EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.3 views

CVE-2025-62645

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative privileges for the entire platform via the createToken GraphQL mutation...

9.9CVSS5.8AI score0.00653EPSS
Exploits1References5
OSV
OSV
added 2025/10/17 9:15 p.m.5 views

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

5.8CVSS5.9AI score0.00358EPSS
Exploits1References5
Rows per page
Query Builder