CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability
Summary
A code injection vulnerability (CVE-2025-67038) has been identified in Lantronix EDS5000 devices, allowing attackers to execute arbitrary OS commands with root privileges via the username parameter. CISA mandates that stakeholders apply vendor-provided mitigations and follow risk-based security update guidance by June 26, 2026, with specific considerations for cloud services.
IFF Assessment
This vulnerability allows for arbitrary command execution with root privileges, representing a significant threat to the affected devices and the networks they are connected to.
Severity
This score reflects a critical severity, with an attack vector via the network, no user interaction required, and high impact on confidentiality, integrity, and availability due to root privilege execution.
CISA KEV: Listed as actively exploited. Federal patch due: June 26, 2026. Known ransomware use: Unknown.
Defender Context
This vulnerability highlights the importance of securing IoT and industrial control system devices, as compromised credentials can lead to deep system compromise. Defenders should prioritize patching and actively monitor network traffic for suspicious command injection attempts targeting these devices.