top of page
perceptive_background_267k.jpg

Lantronix EDS3000PS and EDS5000

Published:

10 maart 2026 om 12:00:00

Alert date:

10 maart 2026 om 18:06:15

Source:

cisa.gov

Click to open the original link from this advisory

Critical Infrastructure, Network Infrastructure, Mobile & IoT

Multiple critical vulnerabilities discovered in Lantronix EDS3000PS and EDS5000 devices allowing authentication bypass and remote code execution with root privileges. Eight CVEs affect various functions including OS command injection in SSL credential management, SSH pages, log viewing, tunnel management, and authentication bypass. CVSS scores range from 2.7 to 9.8 (Critical). Vulnerabilities enable attackers to bypass authentication and execute arbitrary commands with root-level privileges. Affects critical infrastructure sectors including Communications, Information Technology, and Critical Manufacturing worldwide. Vendor patches available for both affected product lines.

Technical details

Mitigation steps:

Affected products:

Lantronix EDS3000PS
Lantronix EDS5000

Related links:

https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-069-02.json
https://nvd.nist.gov/vuln/detail/CVE-2025-67034
https://nvd.nist.gov/vuln/detail/CVE-2025-67035
https://nvd.nist.gov/vuln/detail/CVE-2025-67036
https://nvd.nist.gov/vuln/detail/CVE-2025-67037
https://nvd.nist.gov/vuln/detail/CVE-2025-67038
https://nvd.nist.gov/vuln/detail/CVE-2025-67039
https://nvd.nist.gov/vuln/detail/CVE-2025-70082
https://nvd.nist.gov/vuln/detail/CVE-2025-67041
https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/2538438657/Latest+Firmware+for+the+EDS5000+series+EDS5008+EDS5016+EDS5032
https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/1349189633/Latest+Firmware+for+the+EDS3000PS+series
https://cwe.mitre.org/data/definitions/78.html
https://cwe.mitre.org/data/definitions/288.html
https://cwe.mitre.org/data/definitions/620.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page