PatchSiren cyber security CVE debrief
CVE-2025-58083 General Industrial Controls CVE debrief
CVE-2025-58083 is a critical vulnerability in General Industrial Controls Lynx+ Gateway. CISA’s advisory says the embedded web server is missing critical authentication, which could allow a remote attacker to reset the device. The supplied advisory rates the issue CVSS 10.0 and indicates General Industrial Controls did not respond to CISA’s coordination attempts, so defenders should treat this as an urgent exposure to assess and contain.
- Vendor
- General Industrial Controls
- Product
- Lynx+ Gateway
- CVSS
- CRITICAL 10
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-11-13
- Original CVE updated
- 2025-11-13
- Advisory published
- 2025-11-13
- Advisory updated
- 2025-11-13
Who should care
Owners and operators of General Industrial Controls Lynx+ Gateway devices, OT/ICS administrators, plant engineers, network security teams, and incident responders responsible for industrial gateway management interfaces.
Technical summary
According to the CISA CSAF advisory, the product’s embedded web server lacks critical authentication. The described impact is remote device reset, which can disrupt availability and operational integrity. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H, indicating a network-reachable issue requiring no privileges or user interaction, with high integrity and availability impact and changed scope. The advisory does not provide exploit details beyond the missing-authentication condition and potential remote reset effect.
Defensive priority
Immediate
Recommended defensive actions
- Identify all General Industrial Controls Lynx+ Gateway assets and determine whether the embedded web server is reachable from any untrusted network.
- Restrict management access to trusted administrative hosts and segmented OT administration paths only.
- Apply vendor guidance as soon as it is available; the supplied advisory instructs users to contact General Industrial Controls for more information.
- Monitor for unexpected gateway resets, configuration changes, and other unauthorized management activity.
- Review OT network segmentation and defense-in-depth controls around gateway management interfaces.
- Follow CISA industrial control system recommended practices for hardening and monitoring exposed ICS assets.
Evidence notes
Primary evidence comes from the CISA CSAF source item for ICSA-25-317-08, which states that the embedded web server is missing critical authentication and that an attacker could remotely reset the device. The source metadata also records the CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H and notes that General Industrial Controls did not respond to CISA’s attempts to coordinate. The published and modified dates supplied for the CVE and source are both 2025-11-13T07:00:00Z.
Official resources
-
CVE-2025-58083 CVE record
CVE.org
-
CVE-2025-58083 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA published the advisory and CVE on 2025-11-13. The supplied source states that General Industrial Controls did not respond to CISA’s coordination attempts and does not provide a specific vendor patch in the remediations section, only a指