CVE-2025-58428
Published 2025-10-23 · CVE-2025-58428
Priority: P273 · Severity: critical · CVSS 3.1 base score: 9.9
Vector: AV:N / AC:L / PR:L / UI:N / S:C / C:H / I:H / A:H
EPSS: 1.31% (67.0th percentile)
The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote command execution, full shell access, and potential lateral movement within the network.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| veeder-root | tls4b_automatic_tank_gauge_system | < 11.A | 11.A |
Detection & IOCs (extracted from sources)
- Target the SOAP-based web services handler on TLS4B ATG systems; command injection is triggered through this interface by authenticated remote attackers.
- Monitor for unexpected system-level command execution or shell spawning originating from the SOAP/web services process on TLS4B devices, which may indicate exploitation of CVE-2025-58428.
- Alert on TLS4B ATG devices running firmware versions prior to 11.A that are exposed to network access, as all such versions are affected by this command injection vulnerability.
- Exploitation requires valid credentials (low-privilege authenticated access); unauthenticated exploitation is not indicated by current reporting.
- No known public exploitation or proof-of-concept had been reported to CISA at the time of advisory publication.
- The vulnerability is scoped as network-accessible (AV:N) with changed scope (S:C), meaning successful exploitation can impact resources beyond the TLS4B device itself, enabling lateral movement.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| NVD | 4.0 | 9.4 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CISA ICS
[CRITICAL] Veeder-Root TLS4B Automatic Tank Gauge System (cisa_ics · 2025-10-23 · CVSS 9.9)
ICS Advisory
Release Date: October 23, 2025
Alert Code: ICSA-25-296-03
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.4
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Veeder-Root
- Equipment: TLS4B Automatic Tank Gauge System
- Vulnerabilities: Improper Neutralization of Special Elements used in a Command ('Command Injection'), Integer Overflow or Wraparound
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow attackers to execute system-level commands, gain full shell access, achieve remote command execution, move laterally within the network, trigger a denial of service condi
GHSA
GHSA-w3x5-65hg-jmhj (ghsa_unreviewed · 2025-10-23 · CVE-2025-58428 · CRITICAL · CWE-77): The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-10-23