BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CISA Urges Fix for Critical Lantronix Device Vulnerability

Lantronix and Ubiquiti critical flaws exploited for root access, patch urgently.

  • A critical command injection flaw (CVE-2025-67038) in Lantronix EDS5000 devices is being actively exploited, allowing attackers to execute arbitrary commands with root privileges.
  • The U.S. CISA has mandated all Federal Civilian Executive Branch agencies to patch the vulnerability by June 26, 2026.
  • Three additional maximum-severity vulnerabilities in Ubiquiti UniFi OS (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) are also under active exploitation, enabling remote command execution and full system compromise.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urgently warned on June 24, 2026, of active exploitation of a critical security flaw in Lantronix EDS5000 Series devices, mandating federal agencies to apply fixes within days.

- Advertisement -

Identified as CVE-2025-67038 (CVSS score: 9.8), this code injection flaw allows attackers to inject arbitrary OS commands via the username parameter during authentication failures. Consequently, these commands execute with elevated root privileges on the vulnerable device.

Meanwhile, CISA also confirmed active exploitation of three critical vulnerabilities in Ubiquiti UniFi OS, a chain comprising CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. These flaws allow unauthenticated attackers to execute remote commands, access sensitive files, and make unauthorized system changes.

Earlier this month, Bishop Fox detailed a proof-of-concept that chains these vulnerabilities to obtain a reverse shell with full root privileges. The disclosure follows reports from Defused Cyber about in-the-wild abuse deploying commodity malware.

Belgium’s Centre for Cybersecurity said successful compromise could enable lateral movement and broader network compromise. Patches for the Ubiquiti flaws were released by the company late last month.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

OpenAI Questions Merit of Apple’s Trade Secrets Suit

Apple accused OpenAI of targeting current and former employees to obtain confidential documents, designs,...

Senate to vote on crypto bill amid ethics corruption debate

The US Senate is expected to vote before August 10 on the CLARITY Act,...

IBM shares plummet 25% after earnings miss, worst drop in decades

IBM shares plunged up to 25% on Tuesday after missing Q2 earnings expectations, marking...

DeepMind CEO: AGI just years away, demands new US safety tests

Google DeepMind CEO Demis Hassabis predicts AGI will arrive within a few years, comparing...

Warsh: No Stablecoin Bailout, GENIUS Act Deadline Near

Federal Reserve Chair Kevin Warsh told lawmakers the central bank will not bail out...

Must Read

How To Buy a Handshake Domain: A Step-by-Step Guide

Handshake Domains | Benefits | Drawbacks | How To Buy | Supported BrowsersIn this step-by-step guide, I am going to show you how to...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading