Critical Vulnerability CVE-2025-67038 Exploited in Lantronix Devices

Critical Vulnerability CVE-2025-67038 Exploited in Lantronix Devices

First seen 25 Jun 2026, 14:25 UTC Dataminrattack.mitre.orgDigital.Nhs.Ukwww.cve.org 89% similarity 78.7
Share:

Article Content

Browse articles
ThreatCluster

On June 23, 2026, CISA added CVE-2025-67038 to its KEV list, indicating active exploitation. This vulnerability affects the Lantronix EDS5000 platform, allowing unauthenticated OS command injection. Exploitation can lead to arbitrary command execution with root privileges, impacting industrial automation systems. Lantronix has released security updates for affected devices, including EDS3000PS and EDS5000. The NHS England National CSOC assesses further exploitation as highly likely. The vulnerability was first published on March 11, 2026, and a public proof of concept was released on June 25, 2026. Affected organizations are urged to apply firmware updates immediately.

Key Points: • CVE-2025-67038 allows unauthenticated OS command injection in Lantronix devices. • CISA added the vulnerability to its KEV list on June 23, 2026, indicating active exploitation. • Lantronix has released security updates for affected EDS3000PS and EDS5000 devices.

ThreatCluster AI

Timeline

2026-03-11
CVE-2025-67038 published
The vulnerability in Lantronix devices was disclosed, affecting industrial automation systems.
Dataminr
2026-06-23
CISA adds CVE-2025-67038 to KEV list
CISA confirmed active exploitation of the vulnerability in the wild, impacting critical infrastructure.
Dataminr
2026-06-25
Public PoC released
A proof of concept for CVE-2025-67038 was made public, increasing the risk of further exploitation.
Digital.Nhs.Uk
2026-06-25
Lantronix releases security updates
Lantronix issued updates for EDS3000PS and EDS5000 devices to mitigate the vulnerabilities.
Digital.Nhs.Uk

Extracted Entities

1 / 2

Community

Browse all →