Lantronix EDS5000 Series devices code-injection flaw (CVE-2025-67038)
Vulnerability
Summary
Hide ▲
Show ▼
CVE-2025-67038 in Lantronix EDS5000 Series devices is now under active exploitation, creating a root-level command execution risk for affected systems. CISA told FCEB agencies to apply the fixes by June 26, 2026. The flaw is a code injection issue with a CVSS 9.8 severity rating.
Related Happenings
BRICKSTORM backdoor activity and GRIMBOLT replacement on appliances
Malware Activity
H score29
First: 18.02.2026 12:32
Last: 18.02.2026 12:32
Sources 1
About this happening:
**BRICKSTORM** is a **Golang backdoor** used by **PRC state-sponsored actors** to keep **long-term persistence** on **VMware vSphere**, **Windows**, and appliance environments. **...
BRICKSTORM backdoor activity and GRIMBOLT replacement on appliances
Malware ActivityAbout this happening: **BRICKSTORM** is a **Golang backdoor** used by **PRC state-sponsored actors** to keep **long-term persistence** on **VMware vSphere**, **Windows**, and appliance environments. **...
CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551
Public Sector Action
H score53
First: 04.02.2026 07:50
Last: 04.02.2026 07:50
Sources 1
About this happening:
**CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...
CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551
Public Sector ActionAbout this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...
HPE OneView RondoDox exploitation wave (CVE-2025-37164)
Exploitation Wave
H score59
First: 16.01.2026 11:15
Last: 16.01.2026 11:15
Sources 1
About this happening:
**RondoDox** has driven a **large-scale exploitation wave** against **HPE OneView** by targeting **CVE-2025-37164**, with activity escalating into **automated attacks** that creat...
HPE OneView RondoDox exploitation wave (CVE-2025-37164)
Exploitation WaveAbout this happening: **RondoDox** has driven a **large-scale exploitation wave** against **HPE OneView** by targeting **CVE-2025-37164**, with activity escalating into **automated attacks** that creat...
Timeline
-
24.06.2026 20:19 2 articles · 2h ago
CISA warns of active exploitation of CVE-2025-67038 in Lantronix EDS5000 Series devices
Initial DisclosureCISA warned that CVE-2025-67038 is being actively exploited in Lantronix EDS5000 Series devices and told Federal Civilian Executive Branch agencies to apply fixes by June 26, 2026. The flaw is a CVSS 9.8 code injection issue in the HTTP RPC module that can let an attacker inject arbitrary OS commands through the username parameter and run them with root privileges; Forescout Research Vedere Labs disclosed the vulnerability in April 2026 as part of BRIDGE:BREAK.
Show sources
- CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited — thehackernews.com — 24.06.2026 20:19
- CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited — thehackernews.com — 24.06.2026 20:19