🔴 Critical  |  Source: The Hacker News


CISA has added CVE-2025-67038, a critical code injection vulnerability (CVSS 9.8) in Lantronix EDS5000 Series device servers, to its Known Exploited Vulnerabilities (KEV) catalogue following confirmed active exploitation. The flaw allows attackers to execute arbitrary code on affected devices, which are commonly used to bridge serial equipment (PLCs, console ports, meters) onto IP networks in industrial and enterprise environments. Under BOD 22-01, US federal agencies must remediate by 26 June 2026, but the confirmed in-the-wild exploitation makes this urgent for every organisation running these devices, not just federal ones.

Security Architect’s Take: Audit your estate for Lantronix EDS5000 Series device servers, particularly in OT/IoT network segments and data centre serial console infrastructure, where they are often undocumented and long-lived, and apply the vendor patch immediately. If patching is not immediately possible, isolate affected devices behind strict network access controls that limit both the management interface and the serial-tunnel ports to a small set of known hosts, and monitor for anomalous serial-to-network traffic or management connections from unexpected sources.
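The audit step above is easiest to keep current by cross-checking your own asset inventory against the KEV feed rather than against a single headline. The script below is an added example, not code from the article or from CISA: it parses records in the shape of the public KEV JSON feed, matches them against a constructed inventory by vendor and product, and reports the BOD 22-01 due date and days remaining for each exposed host. The feed sample is constructed to mirror the feed's field names; the Lantronix record's CVE, product and due date come from the article, while its dateAdded and the second dummy record are placeholders.

```python
"""Cross-check a CISA KEV feed against a local asset inventory.

Added example (not from the original article). The live feed is published at
https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
and has the same top-level "vulnerabilities" list used here.
"""
import json
from datetime import date

# Constructed sample in the KEV feed's schema. CVE, product and dueDate for the
# Lantronix entry are from the article; dateAdded is a placeholder, and the
# second record is a dummy so the non-matching path is exercised.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-67038",
            "vendorProject": "Lantronix",
            "product": "EDS5000 Series",
            "vulnerabilityName": "Lantronix EDS5000 Series Code Injection Vulnerability",
            "dateAdded": "2026-06-05",
            "shortDescription": "Code injection allowing arbitrary code execution.",
            "requiredAction": "Apply mitigations per vendor instructions or "
                              "discontinue use of the product if mitigations are unavailable.",
            "dueDate": "2026-06-26",
            "knownRansomwareCampaignUse": "Unknown",
        },
        {
            "cveID": "CVE-0000-00000",          # dummy record, not a real CVE
            "vendorProject": "ExampleVendor",
            "product": "Example Router",
            "vulnerabilityName": "Placeholder",
            "dateAdded": "2026-01-01",
            "shortDescription": "Placeholder entry.",
            "requiredAction": "Placeholder.",
            "dueDate": "2026-01-22",
            "knownRansomwareCampaignUse": "Unknown",
        },
    ],
})

# Constructed asset inventory (hostnames, vendors and segments are made up).
SAMPLE_INVENTORY = [
    {"host": "ot-console-01", "vendor": "Lantronix", "product": "EDS5000", "segment": "OT"},
    {"host": "dc-term-07", "vendor": "Lantronix", "product": "ModelX", "segment": "DC-serial"},
    {"host": "plc-gw-02", "vendor": "OtherVendor", "product": "GW-1", "segment": "OT"},
]


def _norm(text):
    """Lower-case and collapse whitespace so 'EDS5000  Series' == 'eds5000 series'."""
    return " ".join(text.lower().split())


def product_matches(inventory_product, kev_product):
    """Match when either product string contains the other (e.g. 'EDS5000' vs
    'EDS5000 Series'). Empty strings never match, so a blank CMDB field cannot
    flag every KEV record for that vendor."""
    a, b = _norm(inventory_product), _norm(kev_product)
    if not a or not b:
        return False
    return a in b or b in a


def find_exposed(kev_json_text, inventory, today):
    """Return inventory hosts matching a KEV record, with due-date status.

    Each hit carries the host, its segment, the CVE, the BOD 22-01 due date,
    days remaining (negative if past due) and an overdue flag. Results are
    sorted by due date so the most urgent items come first.
    """
    catalog = json.loads(kev_json_text)
    hits = []
    for entry in catalog["vulnerabilities"]:
        for asset in inventory:
            if _norm(asset["vendor"]) != _norm(entry["vendorProject"]):
                continue
            if not product_matches(asset["product"], entry["product"]):
                continue
            due = date.fromisoformat(entry["dueDate"])
            hits.append({
                "host": asset["host"],
                "segment": asset["segment"],
                "cveID": entry["cveID"],
                "dueDate": entry["dueDate"],
                "days_left": (due - today).days,
                "overdue": due < today,
            })
    hits.sort(key=lambda h: (h["dueDate"], h["host"]))
    return hits


if __name__ == "__main__":
    for hit in find_exposed(SAMPLE_KEV_JSON, SAMPLE_INVENTORY, date.today()):
        status = "OVERDUE" if hit["overdue"] else f'{hit["days_left"]} days left'
        print(f'{hit["host"]} ({hit["segment"]}): {hit["cveID"]} due {hit["dueDate"]} [{status}]')
```

To run this against the real catalogue, replace SAMPLE_KEV_JSON with the body of the feed URL above and SAMPLE_INVENTORY with an export from your CMDB or network scanner; the vendor/product matching is deliberately loose, so review hits before acting on them rather than treating a match as confirmation of the exact affected model.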

Original advisory: CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited