The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding an ongoing exploitation of a severe vulnerability affecting Lantronix EDS5000 Series devices. CISA has urged Federal Civilian Executive Branch (FCEB) agencies to implement necessary patches by June 26, 2026, to mitigate this risk.
Critical Vulnerability Details
The identified vulnerability, cataloged as CVE-2025-67038, bears a critical score of 9.8 on the CVSS scale. It involves a code injection flaw that can lead to the execution of unauthorized commands with elevated privileges. According to CVE.org, the issue arises from the HTTP RPC module executing shell commands when user authentication fails, allowing attackers to inject commands into the username parameter without proper sanitization.
This flaw was initially brought to light by Forescout Research Vedere Labs in April 2026. It is part of a broader vulnerability collection named BRIDGE:BREAK, impacting serial-to-IP converters from both Lantronix and Silex. Specifics on the exploitation methods or the entities behind these activities remain undisclosed.
Exploitation of Ubiquiti UniFi OS Vulnerabilities
In conjunction with this alert, CISA has also verified active exploitation of three critical vulnerabilities within Ubiquiti’s UniFi OS. This follows a report by Defused Cyber, which identified real-world abuse of these vulnerabilities, coded as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, to deploy widespread malware.
The vulnerabilities include improper input validation, path traversal allowing file access, and inadequate access control, all of which could be leveraged by attackers with network access to execute unauthorized actions, manipulate files, or gain system control. Patches for these vulnerabilities were released by Ubiquiti in the previous month.
Potential Risks and Recommendations
According to Belgium’s Centre for Cybersecurity, these vulnerabilities pose significant threats, enabling remote attackers to make unauthorized system changes, access sensitive data, and execute arbitrary commands. This compromises the confidentiality, integrity, and availability of affected systems, particularly since UniFi OS devices often serve as central components in network infrastructures.
The potential for lateral movement and more extensive network infiltration is heightened if these vulnerabilities are exploited successfully. Organizations are advised to promptly apply the available patches and strengthen their network security protocols to prevent unauthorized access and mitigate risks.
As cybersecurity threats continue to evolve, proactive measures and timely updates are crucial in safeguarding network systems against such critical vulnerabilities.
