CVE-2025-62765

Summary

General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including plaintext credentials.

Affected Software

VendorProductVersion RangeStatus
General Industrial ControlsLynx+ GatewayVersion R08affected
General Industrial ControlsLynx+ GatewayVersion V03affected
General Industrial ControlsLynx+ GatewayVersion V05affected
General Industrial ControlsLynx+ GatewayVersion V18affected

Weaknesses

  • CWE-319: CWE-319

Workarounds

General Industrial Controls (GIC) did not respond to CISA's attempts to coordinate. Users of General Industrial Controls Lynx+ Gateway are encouraged to reach out to GIC for more information.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References