Radiometrics VizAir
Act Now · CVSS 10 · ICS-CERT ICSA-25-308-04 · Nov 4, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Radiometrics VizAir contains authentication and data protection vulnerabilities (CWE-306: Missing Authentication, CWE-522: Insufficiently Protected Credentials) that allow remote attackers to manipulate critical weather parameters and runway settings without credentials. Successful exploitation could allow attackers to inject false meteorological data, mislead air traffic control and pilots, extract sensitive weather information, and cause significant disruption to airport operations and flight safety. Radiometrics has released updates that resolve these vulnerabilities.
What this means
What could happen
An attacker could modify weather data and runway settings in the VizAir system, causing air traffic control and pilots to receive false meteorological information and potentially leading to hazardous flight conditions or operational disruptions at the airport.
Who's at risk
This affects airports and aviation authorities that rely on Radiometrics VizAir systems for real-time meteorological data and runway management. Any facility using VizAir for weather monitoring that feeds into air traffic control systems should be concerned. This is critical for safety-sensitive aviation operations where false weather data could influence aircraft routing, landing decisions, and flight safety.
How it could be exploited
An attacker with network access to the VizAir system could exploit authentication or data protection weaknesses (CWE-306, CWE-522) to inject false weather parameters or runway configuration data. This could be done remotely if the system is exposed to the internet or accessible from a compromised network segment.
Prerequisites
- Network access to VizAir system
- No authentication required (per CVSS:AV:N/AC:L/PR:N)
Tags: remotely exploitable, no authentication required, low complexity, affects safety-critical systems, CVSS 10.0 (maximum severity), impacts critical flight operations
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| VizAir: <08/2025 | <08/2025 | Fix available |
Remediation & Mitigation
Do now
- HOTFIX: If you have not already done so, contact Radiometrics to verify that your VizAir system has received the update that resolves these vulnerabilities
- HARDENING: Ensure VizAir is not directly accessible from the internet; place the system behind a firewall and isolate it from business networks
- WORKAROUND: If remote access to VizAir is required for maintenance or monitoring, require use of a VPN with current security patches
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption
- HARDENING: Implement monitoring and logging for access to VizAir and validate that weather/runway data matches expected values
Long-term hardening
- HARDENING: Perform network segmentation to isolate the meteorological and runway control network from general IT systems