CISA Alerts on Critical Lynx+ Gateway Flaw That Leaks Data in Cleartext

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device.

Released on November 13, 2025, under alert code ICSA-25-317-08, these flaws pose significant risks to industrial control systems. They could enable remote attackers to access sensitive information or disrupt critical operations.

| CVE ID | Vulnerability Type | CVSS v3 Score | CVSS v4 Score | CWE Reference |
| --- | --- | --- | --- | --- |
| CVE-2025-58083 | Missing Authentication for Critical Function | 10.0 | 9.2 | CWE-306 |

Vulnerability Overview

The Lynx+ Gateway vulnerabilities encompass three distinct security weaknesses: weak password requirements, missing authentication for critical functions, and cleartext transmission of sensitive information.

These combined flaws create a dangerous attack surface that threat actors can exploit with minimal effort.

The most critical issue is the lack of authentication on the embedded web server, which allows remote attackers to reset the device without proper authorization.

CISA has assigned a CVSS v4 score of 9.2 to the primary vulnerability, indicating critical severity.

The alert flags the attack as remotely exploitable and low in complexity, meaning adversaries require minimal resources or technical expertise to compromise affected devices.

Successful exploitation could result in the acquisition of sensitive device information, unauthorized system access, or the creation of denial-of-service conditions that halt critical industrial operations.

The missing authentication vulnerability, designated CVE-2025-58083, carries a maximum severity CVSS v3 score of 10.0, the highest classification.

This vulnerability affects the web server’s authentication controls, allowing unauthenticated remote actors to perform administrative functions without any access restrictions.

The device reset capability alone could cause operational disruptions in industrial environments where unplanned downtime carries significant consequences.

The cleartext transmission vulnerability means sensitive data is sent without encryption, so attackers can intercept it in transit.

Combined with weak password requirements, this creates a pathway for credential harvesting and unauthorized system access.

Organizations running Lynx+ Gateway devices face elevated risk, particularly those connected to critical infrastructure networks.

General Industrial Controls users are encouraged to check the CSAF advisories and official vendor security bulletins for specific patch availability and deployment guidance.

This alert underscores the ongoing threats facing industrial control systems. It emphasizes the importance of timely vulnerability management in critical infrastructure environments.
