CVE-2025-54807
Published 2025-09-18
Priority P269 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.68% (47.7th percentile)
The secret used for validating authentication tokens is hardcoded in
device firmware for affected versions. An attacker who obtains the
signing key can bypass authentication, gaining complete access to the
system.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dover_fueling_solutions | progauge_maglink_lx_4 | < 4.20.3 | 4.20.3 |
| dover_fueling_solutions | progauge_maglink_lx_plus | < 4.20.3 | 4.20.3 |
| dover_fueling_solutions | progauge_maglink_lx_ultimate | < 5.20.3 | 5.20.3 |
Detection & IOCs
- Detect authentication bypass attempts against ProGauge MagLink LX4 devices by monitoring for JWT or token-based authentication requests that succeed without valid credentials — indicative of forged tokens signed with the hardcoded key
- Alert on any ProGauge MagLink LX4 device directly reachable from the internet or outside a firewall boundary, as the vulnerability is exploitable remotely with low attack complexity and no privileges required
- The hardcoded cryptographic key is embedded in device firmware; no patch or configuration change can remediate this without a firmware upgrade to 4.20.3 (LX4/LX4 Plus) or 5.20.3 (LX4 Ultimate)
- CVE-2025-54807 is one of three vulnerabilities in this advisory; the device also has unchangeable default root credentials (CVE-2025-30519) and an integer overflow in time handling (CVE-2025-55068), compounding the risk of full compromise
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 9.3 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CISA ICS
Dover Fueling Solutions ProGauge MagLink LX4 Devices
cisa_ics·2025-09-18·CVSS 8.2
[HIGH] Dover Fueling Solutions ProGauge MagLink LX4 Devices
ICS Advisory
## Dover Fueling Solutions ProGauge MagLink LX4 Devices
Release Date: September 18, 2025
Alert Code: ICSA-25-261-07
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Dover Fueling Solutions
- Equipment: ProGauge MagLink LX4, ProGauge MagLink LX4 Plus, ProGauge MagLink LX4 Ultimate
- Vulnerabilities: Integer Overflow or Wraparound, Use of Hard-coded Cryptographic Key, Use of Weak Credentials
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in a remote attacker causing a denial-of-service condition or gaining administrative access to the device.
## 3. TECHNICAL DE
GHSA
GHSA-fmx3-xgw6-w7g2: The secret used for validating authentication tokens is hardcoded in
device firmware for affected versions
ghsa_unreviewed·2025-09-18
CVE-2025-54807 [CRITICAL] CWE-321 GHSA-fmx3-xgw6-w7g2: The secret used for validating authentication tokens is hardcoded in
device firmware for affected versions
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.