PatchSiren cyber security CVE debrief
CVE-2025-2567 Lantronix CVE debrief
CVE-2025-2567 is a critical Lantronix XPort vulnerability that CISA says can let an attacker modify or disable device settings, disrupt fuel monitoring and supply chain operations, and potentially disable ATG monitoring. The advisory assigns a CVSS 3.1 score of 9.8 and identifies affected XPort firmware in the range >=6.5.0.7 and <7.0.0.3. Lantronix’s remediation includes firmware v8.0.0.0, and the vendor also recommends moving to XPort Edge for stronger protection.
- Vendor
- Lantronix
- Product
- XPort
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-04-15
- Original CVE updated
- 2025-04-29
- Advisory published
- 2025-04-15
- Advisory updated
- 2025-04-29
Who should care
OT/ICS operators, fuel storage and transportation teams, industrial security staff, and asset owners using Lantronix XPort in environments where ATG monitoring or other safety-related monitoring depends on the device.
Technical summary
The CISA CSAF advisory for CVE-2025-2567 describes a network-reachable issue with no privileges and no user interaction required (CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). CISA lists affected product coverage as Lantronix XPort firmware >=6.5.0.7 and <7.0.0.3. The impact described in the advisory is operational: an attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, and disable ATG monitoring, creating potential safety hazards. Update A to the advisory revised mitigation guidance and added a firmware fix link for XPort v8.0.0.0.
Defensive priority
Immediate. Treat as a high-priority OT remediation because the advisory ties the issue to monitoring disruption and safety risk in fuel storage and transportation.
Recommended defensive actions
- Upgrade affected Lantronix XPort devices to firmware v8.0.0.0 as directed in the advisory.
- If firmware upgrade is not immediately possible, follow Lantronix/CISA mitigation guidance and contact Lantronix for assistance.
- Verify whether any deployed XPort units fall within the affected range (>=6.5.0.7 and <7.0.0.3).
- Restrict network access to OT/ICS devices and apply defense-in-depth controls consistent with CISA ICS recommended practices.
- Monitor configuration changes and operational status for ATG and related safety systems after remediation.
- Consider migration planning to XPort Edge, noting that Lantronix states it is immune to these vulnerabilities.
Evidence notes
Primary evidence comes from the CISA CSAF advisory ICSA-25-105-05 for Lantronix XPort (published 2025-04-15, updated 2025-04-29). The CSAF lists the affected product as Lantronix XPort: >=6.5.0.7|<7.0.0.3, gives the impact statement about settings tampering and ATG monitoring disruption, and records remediation for firmware v8.0.0.0. Update A specifically says the mitigation section was revised and a firmware fix link was added. The CVSS vector and score are taken from the supplied source metadata.
Official resources
-
CVE-2025-2567 CVE record
CVE.org
-
CVE-2025-2567 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CVE-2025-2567 was published on 2025-04-15 and updated on 2025-04-29. This debrief is based on the CISA CSAF advisory and official CVE references supplied in the source corpus.