PatchSiren cyber security CVE debrief
CVE-2025-70082 Unknown Vendor CVE debrief
CVE-2025-70082 describes a password-management weakness in Lantronix EDS3000PS and EDS5000 devices where the administrator password can be changed without knowing the current password. CISA notes that, if this issue is chained with an authentication-bypass vulnerability, it may allow unauthenticated attackers to modify the administrator password. The supplied advisory rates the issue as low severity, but it still affects the integrity of device administration and deserves attention wherever these devices are exposed or centrally managed.
- Vendor: Unknown Vendor
- Product: Lantronix EDS3000PS 3.1.0.0R2; EDS5000 2.1.0.0R3
- CVSS: LOW 2.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-10
- Original CVE updated: 2026-03-10
- Advisory published: 2026-03-10
- Advisory updated: 2026-03-10
Who should care
OT/ICS operators, network administrators, and security teams responsible for Lantronix EDS3000PS or EDS5000 deployments—especially systems with remotely reachable management interfaces or strict change-control requirements.
Technical summary
The CISA CSAF advisory for CVE-2025-70082 says an attacker can change the administrator password without knowing the current password. The provided CVSS 3.1 vector is AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N (2.7), which reflects limited direct impact and the need for elevated privileges in the base case. The advisory also explicitly warns that chaining with an authentication-bypass flaw could raise the practical risk to unauthenticated password modification. The corpus includes a vendor remediation for EDS3000PS to upgrade to version 3.2.0.0R2; it does not provide a separate firmware target for EDS5000.
Defensive priority
Medium for exposed or remotely managed OT devices; otherwise low. Prioritize if the affected devices are relied on for critical access control or if any authentication-bypass issue is present in the environment.
Recommended defensive actions
- Upgrade EDS3000PS systems to version 3.2.0.0R2 as recommended in the advisory.
- Review whether any affected devices are reachable from untrusted networks and restrict management access where possible.
- Monitor for unauthorized administrator password changes or other unexpected configuration changes on affected devices.
- Apply CISA ICS recommended practices and defense-in-depth guidance for OT environments, including segmentation and least-privilege management access.
- Track whether your environment contains any authentication-bypass weaknesses that could combine with this password-change issue.
Evidence notes
Primary evidence comes from the CISA CSAF advisory ICSA-26-069-02, which states that the administrator password can be changed without knowledge of the current password and that chaining with an authentication-bypass vulnerability could enable unauthenticated attackers to modify the password. The advisory lists CVSS 3.1 as AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N (2.7) and recommends upgrading EDS3000PS to 3.2.0.0R2. The supplied vendor enrichment is marked low-confidence/needs review, even though the advisory title names Lantronix EDS3000PS and EDS5000.
Official resources
- CVE-2025-70082 CVE record (CVE.org)
- CVE-2025-70082 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed by CISA in ICS Advisory ICSA-26-069-02 on 2026-03-10. The supplied enrichment does not mark this CVE as CISA KEV.