Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

Summary

A flaw in Lantronix serial-to-IP converters, identified as CVE-2025-67038, is being actively exploited in attacks. The vulnerability was disclosed in April as part of the BRIDGE:BREAK research project, and the exploitation follows a threat warning related to operational technology (OT).

IFF Assessment

FOE

The active exploitation of a vulnerability in critical OT infrastructure presents a direct threat to operational continuity and security.

Severity

8.0 High (AI Estimated)

The flaw is being actively exploited, indicating high exploitability. The impact on OT systems can be severe, potentially leading to disruption of industrial processes or unauthorized access and control, thus meriting a high score.

CISA KEV: Listed as actively exploited. Federal patch due: June 26, 2026. Known ransomware use: Unknown.

Defender Context

Defenders overseeing OT environments should prioritize patching or mitigating vulnerabilities in Lantronix serial-to-IP converters. The active exploitation highlights the importance of continuous monitoring and rapid response to emerging threats targeting industrial control systems.
