The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about active exploitation of a critical vulnerability affecting Lantronix EDS5000 Series devices. Tracked as CVE-2025-67038 and carrying a CVSS severity score of 9.8, the flaw allows attackers to inject operating system commands through an unsanitized username parameter in the device’s HTTP RPC authentication logging process. Successful exploitation can grant root-level command execution, giving attackers complete control over affected systems.
The vulnerability was originally disclosed by Forescout Research’s Vedere Labs as part of the broader “BRIDGE” research project, which uncovered multiple security weaknesses in serial-to-IP converters manufactured by Lantronix and Silex. While details about the threat actors and attack methods remain limited, CISA’s confirmation of active exploitation has elevated concerns, prompting federal agencies to apply vendor fixes on an accelerated timeline.
At the same time, CISA has expanded its warnings to include three critical vulnerabilities impacting Ubiquiti’s UniFi OS platform. The flaws—CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910—can be chained together to achieve remote code execution, unauthorized file access, and system-level privilege escalation. Security researchers have demonstrated that attackers can exploit the trio to obtain a root shell in a single attack sequence, significantly increasing the risk to organizations relying on UniFi infrastructure.
Security experts warn that successful compromise of network management and connectivity devices can have far-reaching consequences. Because these systems often serve as central points within enterprise and industrial environments, attackers may leverage initial access to move laterally across networks, access sensitive data, disrupt operations, or establish long-term persistence. The latest advisories underscore the growing focus on network infrastructure devices as high-value targets and the importance of rapid patching and vulnerability management.
