CVE Watchtower

CVE-2025-59780NVD

Description

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web server which
could allow an attacker to send GET requests to obtain sensitive device
information.

Severity Level

HIGH (8.7)

Published Date

15/11/2025

Last Modified

15/11/2025

Exploitation Status

????

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-08.json
https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-08