Rbi Restaurant_brands_international_assistant
10 CVEs affecting Rbi Restaurant_brands_international_assistant. Latest disclosed: 2025-10-17. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-62645 | Critical | 9.9 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative pr… |
CVE-2025-62650 | High | 8.3 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen. |
CVE-2025-62651 | Medium | 6.5 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface. |
CVE-2025-62648 | Medium | 6.4 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume. |
CVE-2025-62649 | Medium | 5.8 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders. |
CVE-2025-62642 | Medium | 5.8 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user accoun… |
CVE-2025-62647 | Medium | 5.0 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API t… |
CVE-2025-62646 | Medium | 5.0 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between ass… |
CVE-2025-62644 | Medium | 5.0 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticat… |
CVE-2025-62643 | Low | 3.4 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages. |