• About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us
AimactGrow
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
AimactGrow
No Result
View All Result

CISA Alerts on Essential Veeder-Root Flaws Permitting Attackers to Execute System Instructions

Admin by Admin
October 28, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


The Cybersecurity and Infrastructure Safety Company (CISA) has issued a vital safety alert relating to critical vulnerabilities in Veeder-Root’s TLS4B Automated Tank Gauge System.

Launched on October 23, 2025, the alert warns that attackers may exploit these flaws to take management of business techniques used worldwide, notably within the vitality sector.

Two Essential Vulnerabilities Found

Safety researchers at Bitsight recognized two harmful vulnerabilities within the TLS4B system. The primary vulnerability entails improper neutralization of particular components in instructions, which suggests attackers can inject malicious code into the system.

CVE ID Vulnerability Kind Affected Product CVSS v3.1 Rating
CVE-2025-58428 Command Injection (CWE-77) Veeder-Root TLS4B ATG System 9.9
CVE-2025-55067 Integer Overflow/Wraparound (CWE-190) Veeder-Root TLS4B ATG System 7.1

Utilizing legitimate credentials, distant attackers can execute system-level instructions on the underlying Linux system, doubtlessly gaining full shell entry and shifting all through the community undetected.

This vulnerability, tracked as CVE-2025-58428, has been assigned an exceptionally excessive CVSS rating of 9.4 out of 10, indicating extreme threat.

The vulnerability is especially harmful as a result of it requires comparatively low complexity to use and is accessible from the web by means of the system’s SOAP-based net providers interface.

The second vulnerability pertains to integer overflow, a technical flaw affecting how the system handles Unix time values.

When the system clock reaches January 19, 2038, it resets to December 13, 1901. This time manipulation may cause authentication failures, disrupt vital system features like login entry and leak detection, and set off denial-of-service assaults that lock directors out completely.

The Veeder-Root TLS4B Automated Tank Gauge System is deployed worldwide, with explicit prevalence within the vitality sector. All variations previous to Model 11.A are weak to the command injection flaw. Organizations utilizing older variations stay at speedy threat.

Veeder-Root has launched Model 11.A to handle the command injection vulnerability (CVE-2025-58428). Organizations ought to improve instantly to this patched model.

For the integer overflow subject (CVE-2025-55067), a everlasting repair remains to be in improvement. Till it turns into obtainable, Veeder-Root recommends following their community safety finest practices.

CISA gives further defensive measures to reduce exploitation threat. Organizations ought to reduce web publicity for all management system gadgets, conserving them remoted behind firewalls and away from enterprise networks.

When distant entry is critical, utilizing Digital Non-public Networks (VPNs) with present updates gives further safety.

In response to CISA, no recognized public exploitation of those vulnerabilities has been reported as of the alert date.

Nevertheless, given the excessive severity scores and ease of exploitation, organizations ought to deal with this as pressing. Specialists advocate performing influence evaluation earlier than deploying any defensive measures to make sure minimal disruption.

Observe us on Google Information, LinkedIn, and X to Get Instantaneous Updates and Set GBH as a Most well-liked Supply in Google.

Tags: AlertsAllowingAttackersCISACommandsCriticalexecuteFlawsSystemVeederRoot
Admin

Admin

Next Post
The place is your N + 1?

New and previous, huge and small

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

4-word recommendation | Seth’s Weblog

4-word recommendation | Seth’s Weblog

April 3, 2025
Resident Evil Requiem interactive maps of Care Heart, Raccoon Metropolis, and extra

Resident Evil Requiem interactive maps of Care Heart, Raccoon Metropolis, and extra

March 3, 2026

Trending.

Nsfw Chatgpt Options – Examples I’ve Used

Nsfw Chatgpt Options – Examples I’ve Used

October 13, 2025
ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

June 24, 2026
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

June 25, 2026
Web Information Caps Defined: The right way to Keep away from Overages and Discover Limitless Plans

Web Information Caps Defined: The right way to Keep away from Overages and Discover Limitless Plans

September 23, 2025
Hijacked npm and Go Packages Use VS Code Duties to Deploy Python Infostealer

Hijacked npm and Go Packages Use VS Code Duties to Deploy Python Infostealer

June 29, 2026

AimactGrow

Welcome to AimactGrow, your ultimate source for all things technology! Our mission is to provide insightful, up-to-date content on the latest advancements in technology, coding, gaming, digital marketing, SEO, cybersecurity, and artificial intelligence (AI).

Categories

  • AI
  • Coding
  • Cybersecurity
  • Digital marketing
  • Gaming
  • SEO
  • Technology

Recent News

Warframe’s Banshee is getting a rework

Warframe’s Banshee is getting a rework

July 12, 2026
Ghost Accounts Abuse GitHub API in Mass Recon Marketing campaign

Ghost Accounts Abuse GitHub API in Mass Recon Marketing campaign

July 12, 2026
  • About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved

No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved