CISA Warns: Critical Lynx+ Gateway Flaw (CVSS 10.0) Allows Unauthenticated Remote Reset; Vendor Non-Responsive
Ddos 
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory detailing multiple high-severity vulnerabilities affecting the Lynx+ Gateway manufactured by General Industrial Controls (GIC). According to the alert, βSuccessful exploitation of these vulnerabilities could result in obtaining sensitive device information, unauthorized access, or create a denial-of-service condition.β
The vulnerabilities span weak password requirements, missing authentication mechanisms in critical functions, and cleartext transmission of sensitive informationβsome scoring as high as CVSS 10.0, the maximum possible severity rating.
CISAβs advisory outlines four distinct vulnerabilities, each assigned its own CVE identifier.
1. Weak Password Requirement β CVE-2025-55034 (CVSS 8.2)
The product includes inadequate password requirements, creating exposure to brute-force attacks. The advisory states that the flaw βmay allow an attacker to execute a brute-force attack resulting in unauthorized access and login.β
2. Missing Authentication for Critical Function β CVE-2025-58083 (CVSS 10.0)
This is the most severe issue identified. CISA warns that βthe affected product is missing critical authentication in the embedded web server which could allow an attacker to remotely reset the device.β
A CVSS score of 10.0 reflects the ease of exploitation and potential operational impact.
3. Missing Authentication for Sensitive Data Retrieval β CVE-2025-59780 (CVSS 7.5)
Another authentication flaw enables remote attackers to access sensitive data. According to CISA, the web server weakness βcould allow an attacker to send GET requests to obtain sensitive device information.β
4. Cleartext Transmission of Sensitive Information β CVE-2025-62765 (CVSS 7.5)
The Lynx+ Gateway also transmits sensitive informationβincluding credentialsβwithout encryption. CISA notes βa cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including plaintext credentials.β
Together, these flaws create a high-risk scenario where attackers could steal credentials, reset devices, access internal information, or disrupt operations.
CISA confirms the following versions of the Lynx+ Gateway are impacted:
- R08
- V03
- V05
- V18
These devices are commonly deployed across industrial and operational technology environments, meaning organizations relying on Lynx+ for connectivity or control should treat this advisory with urgency.
In a concerning development, CISA reports that the manufacturer did not cooperate with coordinated disclosure efforts: βGeneral Industrial Controls (GIC) did not respond to CISA’s attempts to coordinate.β
Related Posts:
- From Victim Profiles to Data Leaks: Inside the Lynx Ransomware-as-a-Service Ecosystem
- 20+ Victims and Counting: Lynx Ransomware’s Swift Rise
- Silent Lynx APT Group: A New Espionage Threat Targeting Central Asia
- Lynx Ransomware: The Evolution of INC Ransomware into a Potent Cyber Threat
- Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
