Main Vulnerability Database SB2025042320

SB2025042320 - Missing Authentication for Critical Function in Lantronix Xport

Published: April 23, 2025

Security Bulletin ID SB2025042320

Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Missing Authentication for Critical Function (CVE-ID: CVE-2025-2567)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to missing authentication for critical function. A remote attacker can disable the ATG monitoring, leading to potential safety hazards in fuel storage and transportation.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-05