Elseta Vinci Protocol Analyzer

Plan Patch | CVSS 9.9 | ICS-CERT ICSA-25-051-06 | Feb 18, 2025
Attack path
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A command injection vulnerability in Elseta Vinci Protocol Analyzer versions prior to 3.2.3.19 allows authenticated users to escalate privileges and execute arbitrary code on the affected system. The vulnerability has a CVSS score of 9.9 and affects all features and functions of the analyzer.

What this means
What could happen
An attacker with valid engineering workstation credentials could escalate privileges and execute arbitrary code on the Vinci Protocol Analyzer, potentially allowing them to alter network diagnostics, access sensitive protocol data, or pivot to connected systems.
Who's at risk
This vulnerability affects organizations that use Elseta Vinci Protocol Analyzer for network protocol analysis in industrial or control system environments. The risk is highest for operators who allow remote access to the analyzer or host it on networks with multiple user accounts.
How it could be exploited
An attacker with valid login credentials to the Vinci Protocol Analyzer could exploit a command injection vulnerability (CWE-78) to escalate privileges from a standard user to administrative level and execute arbitrary system commands on the device.
Prerequisites
  • Valid login credentials for Vinci Protocol Analyzer
  • Network access to the Vinci Protocol Analyzer user interface or API
  • Vinci Protocol Analyzer software version prior to 3.2.3.19
Tags: remotely exploitable, requires valid credentials, low complexity attack, high CVSS score (9.9), critical severity
Exploitability
Unlikely to be exploited — EPSS score 0.4%
Affected products (1)
Product | Affected Versions | Fix Status
Vinci Protocol Analyzer: <3.2.3.19 | <3.2.3.19 | 3.2.3.19
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to Vinci Protocol Analyzer to only authorized engineering workstations and administrative networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Vinci Protocol Analyzer to version 3.2.3.19 or later
HARDENING: Isolate the network segment containing the Vinci Protocol Analyzer from business networks and the internet using firewall rules
Long-term hardening
HARDENING: Require multi-factor authentication for all Vinci Protocol Analyzer user accounts, especially administrative accounts
API: /api/v1/advisories/6f34881b-add1-402b-8454-5bf9062f07e4
