Описание
Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.
Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-5310
- https://ociocisa.sharepoint.com/teams/JCDC-ProductionOffice/Shared%20Documents/Forms/AllItems.aspx?OR=Teams%2DHL&CT=1736953471669&id=%2Fteams%2FJCDC%2DProductionOffice%2FShared%20Documents%2FPublications%2FICS%20Publishing%2F2025%20ICSAs%2FJUN%2017%2FVU%23285756%20%2D%20Dover%20Fueling%20Solutions%20ProGauge%20MAGLINK%20%2D%20Notice%20%28Draft%29%2Ehtml&viewid=243fd1ea%2Da122%2D4cc0%2Dbe91%2Dd0714ca46b87&parent=%2Fteams%2FJCDC%2DProductionOffice%2FShared%20Documents%2FPublications%2FICS%20Publishing%2F2025%20ICSAs%2FJUN%2017
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-168-05
Связанные уязвимости
Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.