Latest Lantronix vulnerabilities: Xport #
On April 15, 2025, CISA published an advisory announcing that certain versions of the Lantronix Xport products are affected by an authentication bypass vulnerability.
This vulnerability has been designated CVE-2025-2567 and has been assigned a CVSS score of 9.8 (critical).
What is the impact? #
Successfully exploiting this vulnerability could allow an attacker unauthorized access to the configuration interface, leading to potential disruption to monitoring and operations.
Xport versions 6.5.0.7 through 7.0.0.3 are vulnerable.
Are updates or workarounds available? #
Lantronix recommends that users upgrade to their Xport Edge product, which is not affected by this vulnerability.
As a mitigation, the general recommendation is to limit network exposure for all control systems and devices. In general control systems and devices shouldn't be directly connected to the public internet. In most cases they're not designed with security in mind and depend on another edge device.
How do I find potentially vulnerable systems with runZero? #
From the Asset Inventory, use the following query to locate potentially vulnerable systems:
hw:lantronix AND ((os:="Lantronix XPort%" AND not os:="Lantronix XPort Edge%") OR (lantronix.type:="XE" OR lantronix.type:="SE" OR lantronix.type:="AR" OR lantronix.type:="EH"))
