- A critical command injection flaw (CVE-2025-67038) in Lantronix EDS5000 devices is being actively exploited, allowing attackers to execute arbitrary commands with root privileges.
- The U.S. CISA has mandated all Federal Civilian Executive Branch agencies to patch the vulnerability by June 26, 2026.
- Three additional maximum-severity vulnerabilities in Ubiquiti UniFi OS (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) are also under active exploitation, enabling remote command execution and full system compromise.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urgently warned on June 24, 2026, of active exploitation of a critical security flaw in Lantronix EDS5000 Series devices, mandating federal agencies to apply fixes within days.
Identified as CVE-2025-67038 (CVSS score: 9.8), this code injection flaw allows attackers to inject arbitrary OS commands via the username parameter during authentication failures. Consequently, these commands execute with elevated root privileges on the vulnerable device.
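A detection-side illustration of the username-parameter vector described above, added here as an example and not code from the article or from Lantronix: it scans failed-login records for usernames carrying shell metacharacters and shows the strict allowlist a login handler should enforce on that parameter. The log format and the sample lines are constructed assumptions; the EDS5000's real log format is not given on the page.

```python
import re

# Constructed log format (an assumption, not the device's real format):
#   "<timestamp> auth failure user=<username> src=<ip>"
AUTH_FAIL_RE = re.compile(r"^(?P<ts>\S+) auth failure user=(?P<user>.*?) src=(?P<src>\S+)$")

# Shell metacharacters that have no place in a username; their presence in the
# username field of a failed login is the signal a defender wants to alert on.
SHELL_META_RE = re.compile(r"[;&|`$(){}<>\n\\]")

# Strict allowlist a login handler should apply to the username before the
# value reaches any shell or system() call, or is interpolated into a log line.
USERNAME_ALLOWLIST_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def is_safe_username(username: str) -> bool:
    """True only if the username matches the strict allowlist."""
    return USERNAME_ALLOWLIST_RE.fullmatch(username) is not None


def flag_suspicious_auth_failures(lines):
    """Return (timestamp, source_ip, username) for failed logins whose
    username contains shell metacharacters or fails the allowlist."""
    hits = []
    for line in lines:
        m = AUTH_FAIL_RE.match(line.rstrip("\n"))
        if not m:
            continue  # not an auth-failure record in the assumed format
        user = m.group("user")
        if SHELL_META_RE.search(user) or not is_safe_username(user):
            hits.append((m.group("ts"), m.group("src"), user))
    return hits


# Constructed sample log lines (not real device output).
SAMPLE_LOG = [
    "2026-06-24T10:00:01Z auth failure user=admin src=10.0.0.5",
    "2026-06-24T10:00:07Z auth failure user=admin;echo probe src=203.0.113.9",
    "2026-06-24T10:00:09Z auth failure user=root$(true) src=203.0.113.9",
    "2026-06-24T10:00:12Z auth success user=operator src=10.0.0.7",
]

if __name__ == "__main__":
    for ts, src, user in flag_suspicious_auth_failures(SAMPLE_LOG):
        print(f"{ts} {src} suspicious username in failed login: {user!r}")
```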
Meanwhile, CISA also confirmed active exploitation of three critical vulnerabilities in Ubiquiti UniFi OS, a chain comprising CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. These flaws allow unauthenticated attackers to execute remote commands, access sensitive files, and make unauthorized system changes.
Earlier this month, Bishop Fox detailed a proof-of-concept that chains these vulnerabilities to obtain a reverse shell with full root privileges. The disclosure follows reports from Defused Cyber about in-the-wild abuse deploying commodity malware.
Belgium’s Centre for Cybersecurity said successful compromise could enable lateral movement and broader network compromise. Patches for the Ubiquiti flaws were released by the company late last month.
