Vulnerabilities4 min read
Lantronix EDS5000 Flaw Exploited in Attacks — Patch Due Today
CISA confirms active exploitation of CVE-2025-67038 (CVSS 9.8) in Lantronix EDS5000 serial-to-IP devices. The command injection flaw grants root access. Federal deadline is June 26.
Marcus ChenJun 26, 2026