CVE-2025-55067
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
Summary
The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history visibility, and leak detection termination. This vulnerability could allow an attacker to manipulate the system time to trigger a denial of service (DoS) condition, leading to administrative lockout, operational timer failures, and corrupted log entries.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Veeder-Root | TLS4B Automatic Tank Gauge System | 0 < 11.A | affected |
Weaknesses
- CWE-190: CWE-190 Integer Overflow or Wraparound
Workarounds
Veeder-Root is aware of the vulnerability and will provide a fix for it. Until a fix is available, users should adhere to the network security best practices https://www.veeder.com/us/network-security-reminder provided by Veeder-Root. Additionally, users should make all efforts to protect the borders of their environment to prevent bad actors from infiltrating and causing this issue.
Veeder-Root advises that their ASCs review and implement these best practices for network security with their users, when installing a new console or setting up a network port.
Contact Veeder-Root Technical Support at +1.800.323.1799 for additional help or questions.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-03
- https://www.veeder.com/us/network-security-reminder
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-03.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.