The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory detailing multiple high-severity vulnerabilities affecting the Lynx+ Gateway manufactured by General Industrial Controls (GIC). According to the alert, “Successful exploitation of these vulnerabilities could result in obtaining sensitive device information, unauthorized access, or create a denial-of-service condition.”
The vulnerabilities span weak password requirements, missing authentication mechanisms in critical functions, and cleartext transmission of sensitive information, with one rated CVSS 10.0, the maximum possible severity rating.
CISA’s advisory outlines four distinct vulnerabilities, each assigned its own CVE identifier.
1. Weak Password Requirement – CVE-2025-55034 (CVSS 8.2)
The product includes inadequate password requirements, creating exposure to brute-force attacks. The advisory states that the flaw “may allow an attacker to execute a brute-force attack resulting in unauthorized access and login.”
2. Missing Authentication for Critical Function – CVE-2025-58083 (CVSS 10.0)
This is the most severe issue identified. CISA warns that “the affected product is missing critical authentication in the embedded web server which could allow an attacker to remotely reset the device.”
A CVSS score of 10.0 reflects the ease of exploitation and potential operational impact.
3. Missing Authentication for Sensitive Data Retrieval – CVE-2025-59780 (CVSS 7.5)
Another authentication flaw enables remote attackers to access sensitive data. According to CISA, the web server weakness “could allow an attacker to send GET requests to obtain sensitive device information.”
4. Cleartext Transmission of Sensitive Information – CVE-2025-62765 (CVSS 7.5)
The Lynx+ Gateway also transmits sensitive information—including credentials—without encryption. CISA notes “a cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including plaintext credentials.”
Together, these flaws create a high-risk scenario where attackers could steal credentials, reset devices, access internal information, or disrupt operations.
CISA confirms the following versions of the Lynx+ Gateway are impacted:
- R08
- V03
- V05
- V18
These devices are commonly deployed across industrial and operational technology environments, meaning organizations relying on Lynx+ for connectivity or control should treat this advisory with urgency.
In a concerning development, CISA reports that the manufacturer did not cooperate with coordinated disclosure efforts: “General Industrial Controls (GIC) did not respond to CISA’s attempts to coordinate.”