CVE-2025-62765 | THREATINT

Description

General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including plaintext credentials.

PUBLISHED Reserved 2025-11-06 | Published 2025-11-14 | Updated 2025-11-17 | Assigner icscert

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-319

Product status

Default status

unaffected

Version R08

affected

Version V03

affected

Version V05

affected

Version V18

affected

Credits

Abhishek Pandey from Payatu Security Consulting Pvt. Ltd. reported these vulnerabilities to CISA. finder

References

www.cisa.gov/news-events/ics-advisories/icsa-25-317-08

github.com/...p/csaf_files/OT/white/2025/icsa-25-317-08.json

cve.org (CVE-2025-62765)

nvd.nist.gov (CVE-2025-62765)

Download JSON