> TritonInfoSec News
Home / Jun 26, 2026 / Story
0
#5 The Hacker News general June 24, 2026 at 17:19 UTC

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited

By [email protected] (The Hacker News)

AI Summary

CISA issued an urgent warning on June 24 that CVE-2025-67038 (CVSS 9.8), a critical code injection flaw in Lantronix EDS5000 Series serial-to-IP converter devices, is being actively exploited in the wild. FCEB agencies were ordered to apply fixes by June 26, 2026, the same day the vulnerability was flagged by SecurityWeek as part of the April 2026 BRIDGE:BREAK OT research disclosure. The flaw is particularly concerning given Lantronix devices' prevalence in industrial and OT network environments bridging legacy serial equipment to IP networks.

Read full article → https://thehackernews.com/2026/06/cisa-warns-criti…

Relevance score: 82.0/100

# More from June 26

  1. 1
    Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access The Hacker News
  2. 2
    Amadey, StealC malware operations disrupted in Operation Endgame action BleepingComputer
  3. 3
    In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw Dark Reading
  4. 4
    New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis The Hacker News
  5. 6
    CISA warns of max severity Ubiquiti flaws exploited in attacks BleepingComputer
  6. 7
    Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances WeLiveSecurity (ESET)
  7. 8
    BeyondTrust, LastPass Impacted by Klue-Salesforce Incident SecurityWeek
  8. 9
    Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking SecurityWeek
  9. 10
    Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability The Hacker News