We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-2567

Lantronix Xport Missing Authentication for Critical Function



Description

An attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, leading to disabling of ATG monitoring. This would result in potential safety hazards in fuel storage and transportation.

Reserved 2025-03-20 | Published 2025-04-15 | Updated 2025-04-15 | Assigner icscert


CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-306

Product status

Default status
unaffected

6.5.0.7
affected

Credits

Souvik Kandar from Microsec(microsec.io) reported this vulnerability to CISA. finder

References

www.cisa.gov/news-events/ics-advisories/icsa-25-105-05

cve.org (CVE-2025-2567)

nvd.nist.gov (CVE-2025-2567)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-2567

Support options

Helpdesk Chat, Email, Knowledgebase