PatchSiren

General Industrial Controls CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH General Industrial Controls CVE published 2025-11-13

CVE-2025-59780

CVE-2025-59780 affects General Industrial Controls Lynx+ Gateway. According to CISA’s advisory, the embedded web server lacks critical authentication, allowing unauthenticated GET requests to retrieve sensitive device information. The advisory was published on 2025-11-13 and assigns CVSS 3.1 7.5 (HIGH), reflecting a network-reachable confidentiality issue with no privileges or user interaction required.

CRITICAL General Industrial Controls CVE published 2025-11-13

CVE-2025-58083

CVE-2025-58083 is a critical vulnerability in General Industrial Controls Lynx+ Gateway. CISA’s advisory says the embedded web server is missing critical authentication, which could allow a remote attacker to reset the device. The supplied advisory rates the issue CVSS 10.0 and indicates General Industrial Controls did not respond to CISA’s coordination attempts, so defenders should treat this as an urgen [truncated]