🔴 Critical | Source: CISA Known Exploited Vulnerabilities
A critical code injection vulnerability in the Lantronix EDS5000 device server allows attackers to inject arbitrary operating system commands via the username parameter. These commands execute with root privileges, giving an attacker full control over the affected device. The flaw is listed in CISA’s Known Exploited Vulnerabilities catalogue, confirming active exploitation in the wild.
Security Architect’s Take: Audit your network for any Lantronix EDS5000 devices, particularly those exposed at the network edge or used to bridge serial devices to cloud-connected infrastructure. Apply vendor patches immediately, restrict management interface access to trusted networks only, and treat any device potentially exposed to untrusted input as compromised pending remediation.
Original advisory: CVE-2025-67038: Lantronix EDS5000