CVE-2025-54807

Summary

The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system.

Affected Software

VendorProductVersion RangeStatus
Dover Fueling SolutionsProGauge MagLink LX 40 < 4.20.3affected
Dover Fueling SolutionsProGauge MagLink LX Plus0 < 4.20.3affected
Dover Fueling SolutionsProGauge MagLink LX Ultimate0 < 5.20.3affected

Weaknesses

  • CWE-321: CWE-321

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References