CVE-2025-62765
published 2025-11-15CVE-2025-62765: General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network traffic to…
PriorityP344high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.29%
20.2th percentile
General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow
an attacker to observe network traffic to obtain sensitive information,
including plaintext credentials.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| general_industrial_controls | lynx+_gateway | — | — |
| general_industrial_controls | lynx+_gateway | — | — |
| general_industrial_controls | lynx+_gateway | — | — |
| general_industrial_controls | lynx+_gateway | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
General Industrial Controls Lynx+ Gateway
cisa_ics·2025-11-13·CVSS 8.2
[HIGH] General Industrial Controls Lynx+ Gateway
ICS Advisory
##
General Industrial Controls Lynx+ Gateway
Release DateNovember 13, 2025
Alert CodeICSA-25-317-08
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: General Industrial Controls
- Equipment: Lynx+ Gateway
- Vulnerabilities: Weak Password Requirements, Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in obtaining sensitive device information, unauthorized access, or create a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following
GHSA
GHSA-9g9v-vcmw-4mp4: General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow
an attacker to observe network traf
ghsa_unreviewed·2025-11-15
CVE-2025-62765 [HIGH] CWE-319 GHSA-9g9v-vcmw-4mp4: General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow
an attacker to observe network traf
General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow
an attacker to observe network traffic to obtain sensitive information,
including plaintext credentials.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-11-15
Published