General Industrial Controls Lynx+ Gateway
Priority: Act Now
CVSS: 10
Advisory: ICS-CERT ICSA-25-317-08
Published: Nov 13, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
The General Industrial Controls Lynx+ Gateway contains multiple vulnerabilities in credential handling (CWE-306, CWE-521) and insecure data transmission (CWE-319). Successful exploitation allows an unauthenticated attacker with network access to obtain sensitive device information, gain unauthorized access to the gateway, or cause a denial-of-service condition. Affected versions R08, V03, V05, and V18 have no vendor fix available. General Industrial Controls has not coordinated with CISA on remediation.
What this means
What could happen
An attacker with network access to the Lynx+ Gateway could extract sensitive device information, gain unauthorized access to the gateway, or cause it to become unavailable, potentially disrupting communication between industrial control systems and enterprise networks.
Who's at risk
Manufacturing facilities using the General Industrial Controls Lynx+ Gateway as a bridge between industrial control systems (PLCs, RTUs, sensors) and enterprise networks are at risk. This includes water utilities and power distribution operators that use the Lynx+ Gateway for remote monitoring or SCADA integration.
How it could be exploited
An attacker on the network (or from the internet if the gateway is exposed) sends crafted requests to the Lynx+ Gateway without authentication. The vulnerabilities in credential handling (CWE-306) and the weak security in data transmission (CWE-319) allow the attacker to bypass access controls, obtain sensitive information, or crash the device.
Prerequisites
- Network access to the Lynx+ Gateway (direct LAN or internet if exposed)
- No valid credentials required
Tags: remotely exploitable, no authentication required, low complexity, no patch available, high CVSS score (10/10)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 pending
Product | Affected Versions | Fix Status
Lynx+ Gateway: R08 | R08 | No fix yet
Lynx+ Gateway: V03 | V03 | No fix yet
Lynx+ Gateway: V05 | V05 | No fix yet
Lynx+ Gateway: V18 | V18 | No fix yet
Remediation & Mitigation
Do now
- HARDENING: Isolate Lynx+ Gateway devices from direct internet access; place them behind a firewall and on a separate network segment from business/office networks
- HARDENING: If remote access to the gateway is required, implement a VPN connection as an additional security layer, keeping VPN software updated to the latest version
- WORKAROUND: Contact General Industrial Controls directly to inquire about a security fix or workaround (vendor has not yet provided official remediation)
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Monitor network traffic to and from the Lynx+ Gateway for suspicious activity; log and report any suspected exploitation attempts to CISA