Radiometrics VizAir

Plan PatchCVSS 10ICS-CERT ICSA-25-308-04Nov 4, 2025

Transportation

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Radiometrics VizAir contains unauthenticated API vulnerabilities (CWE-306, CWE-522) that allow remote attackers to manipulate critical weather parameters and runway settings, or extract sensitive meteorological data. Successful exploitation could mislead air traffic control and pilots, creating hazardous flight conditions and causing significant disruption to airport operations.

What this means

What could happen

An attacker could manipulate weather and runway data displayed to air traffic controllers and pilots, or extract sensitive meteorological information. This could directly mislead flight operations and create hazardous flight conditions.

Who's at risk

Airport operators and air traffic control facilities that depend on Radiometrics VizAir for meteorological observations and runway condition reporting. This directly affects flight safety decision-making and airport operations management.

How it could be exploited

An attacker with network access to the VizAir system could exploit unauthenticated or weakly authenticated API endpoints to read or modify critical operational parameters such as weather observations and runway settings that are displayed to air traffic control.

Prerequisites

Network access to VizAir system (typically on airport operations network)
No authentication or weak authentication required

remotely exploitableno authentication requiredlow complexityaffects safety systemscritical CVSS score

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

VizAir: <08/2025<08/2025Fix available

Remediation & Mitigation

0/3

Do now

0/1

WORKAROUNDRestrict network access to VizAir systems to only authorized airport operations staff and eliminate internet-facing access

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate VizAir to version 08/2025 or later per Radiometrics guidance

Long-term hardening

0/1

HARDENINGIsolate VizAir systems from general business networks with firewall rules; require VPN or air-gapped access for any remote administration

CVEs (3)

CVE-2025-61945 CVE-2025-54863 CVE-2025-61956

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/a5703775-f67e-423c-ae36-300027e162d5

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.