PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-14466 Güralp Systems CVE debrief

A vulnerability in the web interface of Güralp Systems Fortimus Series, Minimus Series, and Certimus Series allows unauthenticated attackers with network access to cause a brief denial-of-service condition by triggering a deliberate web service process restart through specially crafted HTTP requests. The CVSS 3.1 score of 5.3 (MEDIUM) reflects a network attack vector with low attack complexity, no privileges required, and low availability impact. The vulnerability was published on December 16, 2025, with CISA coordinating the advisory (ICSA-25-350-01). Güralp Systems recommends network segmentation via NAT or VPN firewall as mitigation. No known exploitation in ransomware campaigns has been reported, and this CVE is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Güralp Systems
Product: Fortimus Series
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-12-16
Original CVE updated: 2025-12-16
Advisory published: 2025-12-16
Advisory updated: 2025-12-16

Who should care

Organizations operating Güralp Systems Fortimus, Minimus, or Certimus Series seismological or geophysical monitoring equipment in industrial, research, or critical infrastructure environments. Security teams responsible for ICS/OT network segmentation and remote access controls. Operators of networks where these devices are exposed or accessible from untrusted network segments.

Technical summary

The vulnerability exists in the web interface of Güralp Systems Fortimus Series, Minimus Series, and Certimus Series devices. An unauthenticated attacker with network connectivity can send specially crafted HTTP requests that trigger a deliberate restart of the web service process. This restart mechanism, while designed to limit attack impact, creates a transient denial-of-service window during the restart period. The attack requires no authentication and no user interaction, and it is exploitable over the network with low complexity. The availability impact is rated low per CVSS 3.1 due to the temporary nature of the service interruption and the self-healing restart behavior.

Defensive priority

medium

Recommended defensive actions

  • Deploy Güralp Systems devices behind NAT or VPN firewall to restrict network access to the web interface
  • Monitor for unexpected web service restarts on affected Güralp Systems devices
  • Contact Güralp Systems directly for additional mitigation guidance and patch availability
  • Apply network segmentation principles per CISA ICS recommended practices to limit exposure of industrial control systems
  • Review and implement CISA defense-in-depth strategies for industrial control system environments
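
One way to act on the restart-monitoring recommendation, shown as an added example that is not part of the advisory or any Güralp tooling: it scans availability-probe results for the web interface and flags clusters of brief outages that recover on their own. The probe log format, the 10-second polling interval, and the thresholds (60-second outage, 3 outages within 10 minutes) are assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta

# Constructed probe log from a hypothetical poller that requests the device
# web interface every 10 seconds: (ISO timestamp, probe succeeded?).
SAMPLE_PROBES = [
    ("2025-12-16T10:00:00", True),
    ("2025-12-16T10:00:10", False),
    ("2025-12-16T10:00:20", False),
    ("2025-12-16T10:00:30", True),
    ("2025-12-16T10:00:40", True),
    ("2025-12-16T10:00:50", False),
    ("2025-12-16T10:01:00", True),
    ("2025-12-16T10:01:10", False),
    ("2025-12-16T10:01:20", True),
    ("2025-12-16T11:00:00", True),
    ("2025-12-16T11:00:10", False),   # long outage: not restart-like
    ("2025-12-16T11:05:00", True),
]

def outage_windows(probes):
    """Return (last_ok, next_ok) for each run of failures bounded by successes."""
    windows, last_ok, failing = [], None, False
    for ts, ok in probes:                      # probes must be time-ordered
        t = datetime.fromisoformat(ts)
        if ok:
            if failing and last_ok is not None:
                windows.append((last_ok, t))
            last_ok, failing = t, False
        else:
            failing = True                     # unbounded leading failures are skipped
    return windows

def restart_bursts(probes, max_outage=timedelta(seconds=60),
                   burst=3, within=timedelta(minutes=10)):
    """Flag `burst` or more self-recovering brief outages starting within `within`."""
    brief = [w for w in outage_windows(probes) if w[1] - w[0] <= max_outage]
    alerts, i = [], 0
    while i + burst <= len(brief):
        group = [w for w in brief[i:] if w[0] - brief[i][0] <= within]
        if len(group) >= burst:
            alerts.append((brief[i][0], group[-1][1], len(group)))
            i += len(group)                    # do not re-alert on the same cluster
        else:
            i += 1
    return alerts

if __name__ == "__main__":
    for start, end, count in restart_bursts(SAMPLE_PROBES):
        print(f"ALERT: {count} brief web-service outages between {start} and {end}")
```

A single brief outage can be routine maintenance; the cluster is what warrants checking which source addresses reached the web interface in that window.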

Evidence notes

Vulnerability description and mitigation guidance sourced from CISA CSAF advisory ICSA-25-350-01. CVSS vector confirmed as AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. Vendor recommendation for NAT/VPN firewall deployment documented. No patch availability mentioned in source material.
