PatchSiren cyber security CVE debrief
CVE-2025-67035 Unknown Vendor CVE debrief
CISA’s advisory for CVE-2025-67035 describes multiple OS command injection vulnerabilities in the SSH Client and SSH Server pages of Lantronix EDS3000PS and EDS5000 devices. The flaw is tied to missing input sanitization in delete actions for objects such as server keys, users, and known hosts, and successful exploitation can execute commands with root privileges. The issue was publicly disclosed in CISA CSAF advisory ICSA-26-069-02 on 2026-03-10.
- Vendor
- Unknown Vendor
- Product
- Lantronix EDS3000PS 3.1.0.0R2 EDS5000 2.1.0.0R3
- CVSS
- HIGH 7.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-03-10
- Original CVE updated
- 2026-03-10
- Advisory published
- 2026-03-10
- Advisory updated
- 2026-03-10
Who should care
Administrators and operators responsible for Lantronix EDS3000PS and EDS5000 deployments, especially where the device web administration interface is reachable and high-privilege accounts are in use.
Technical summary
The supplied advisory text states that the SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. The vulnerable paths include delete actions for several object types, including server keys, users, and known hosts. The CVSS vector provided is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating network reachability but a need for high privileges; the advisory also states that successful commands run with root privileges.
Defensive priority
High. Treat as a priority firmware/security maintenance item for affected devices, with immediate attention on any unit that is exposed to administrative users or operationally critical networks.
Recommended defensive actions
- Upgrade affected devices using the vendor remediation provided in the advisory; the supplied fix explicitly recommends EDS5000 version 2.2.0.0R1 for this CVE set.
- Restrict access to device administration pages and high-privilege accounts to trusted management networks only.
- Review and minimize who has administrative access, since the CVSS vector requires high privileges to exploit.
- Audit affected devices for unexpected configuration changes or signs of unauthorized command execution.
- Confirm the exact device model and firmware version against the advisory before and after remediation.
Evidence notes
The statements above are based on the CISA CSAF advisory source item and its quoted description: missing sanitization on SSH Client/Server pages, command injection in delete actions, and root-privileged execution. The advisory references CVE-2025-67035 and the remediation section recommends EDS5000 2.2.0.0R1. The source metadata also includes CWE-78 and a CVSS 3.1 vector of AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.
Official resources
-
CVE-2025-67035 CVE record
CVE.org
-
CVE-2025-67035 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed in CISA advisory ICSA-26-069-02 on 2026-03-10; no CISA KEV entry was supplied for this CVE.