Optigo Networks Visual BACnet Capture Tool / Optigo Visual Networks Capture Tool

Plan Patch | CVSS 9.8 | ICS-CERT ICSA-25-070-02 | Mar 11, 2025
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Optigo Networks Visual BACnet Capture Tool and Visual Networks Capture Tool versions 3.1.2rc11 and earlier contain authentication bypass vulnerabilities (CWE-547, CWE-288) that could allow an attacker to gain full control of the products or impersonate the web applications. Successful exploitation requires only network access and no valid credentials.

What this means
What could happen
An attacker with network access could bypass authentication on these BACnet/network capture tools, gaining full control to execute arbitrary commands, modify captured data, or impersonate the web interface—potentially affecting visibility into building automation or network operations depending on deployment.
Who's at risk
Organizations operating building automation systems (BACnet) or network monitoring/capture tools should care. This includes facility managers, building controls engineers, and system integrators who deploy these Optigo capture tools to monitor or troubleshoot BACnet networks or building systems.
How it could be exploited
An attacker on the same network segment as the capture tool (or reachable via the Internet if exposed) sends a crafted request to bypass authentication mechanisms. Once authentication is bypassed, the attacker can execute arbitrary code or commands on the capture tool system, potentially gaining control of the device and any systems it monitors or connects to.
Prerequisites
  • Network access to the capture tool web interface (port/protocol not specified in advisory, likely HTTP/HTTPS)
  • No valid credentials required due to authentication bypass
remotely exploitable | no authentication required | low complexity | critical CVSS (9.8)
Exploitability
Unlikely to be exploited — EPSS score 0.2%
Affected products (2)
2 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| Visual BACnet Capture Tool: 3.1.2rc11 | 3.1.2rc11 | v3.1.3rc8 |
| Optigo Visual Networks Capture Tool: 3.1.2rc11 | 3.1.2rc11 | v3.1.3rc8 |
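An added example (not from the advisory or from Optigo): a Python triage helper that classifies installed versions against the affected and fixed versions listed above. It assumes version strings follow the `N.N.NrcN` pattern seen in the advisory and that a build without an rc suffix sorts after every rc build of the same number; the host names are hypothetical.

```python
import re

# Version boundaries taken from the advisory text.
LAST_AFFECTED = "3.1.2rc11"
FIRST_FIXED = "v3.1.3rc8"

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:rc(\d+))?$", re.IGNORECASE)


def parse_version(text):
    """Return a sortable tuple for strings such as '3.1.2rc11' or 'v3.1.3rc8'."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, rc = match.groups()
    # Assumption: a build with no rc suffix sorts after every rc of that number.
    rc_rank = (0, int(rc)) if rc is not None else (1, 0)
    return (int(major), int(minor), int(patch)) + rc_rank


def classify(installed):
    """Classify an installed version against the advisory's stated boundaries."""
    version = parse_version(installed)
    if version <= parse_version(LAST_AFFECTED):
        return "affected"
    if version >= parse_version(FIRST_FIXED):
        return "fixed"
    # The advisory does not state the status of builds between the boundaries.
    return "unverified"


def triage(inventory):
    """Map each host to a status; unparseable versions go to manual review."""
    report = {}
    for host, installed in inventory:
        try:
            report[host] = classify(installed)
        except ValueError:
            report[host] = "manual-review"
    return report


if __name__ == "__main__":
    # Constructed sample inventory; host names are hypothetical.
    sample = [("bms-capture-01", "3.1.2rc11"), ("bms-capture-02", "3.1.3rc7"),
              ("bms-capture-03", "v3.1.3rc8"), ("bms-capture-04", "unknown")]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Builds that fall between the two listed versions are reported as `unverified` because the advisory does not say whether they carry the fix.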
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the capture tool; isolate it behind a firewall and do not expose it to the Internet
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Visual BACnet Capture Tool to version v3.1.3rc8 or later
HOTFIX: Update Optigo Visual Networks Capture Tool to version v3.1.3rc8 or later
Long-term hardening
HARDENING: If remote access is required, require VPN connection to the network segment where the capture tool resides