Güralp Systems Fortimus Series, Minimus Series, and Certimus Series

Monitor5.3ICS-CERT ICSA-25-350-01Dec 16, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Güralp Systems Fortimus Series, Minimus Series, and Certimus Series seismic instruments are vulnerable to a denial-of-service condition due to improper handling of resource consumption (CWE-770). An unauthenticated remote attacker can send specially crafted packets to exhaust device resources, causing the system to become unresponsive. All versions of the affected product lines are vulnerable. The vendor has not released a patch and recommends deploying devices behind a firewall (NAT or VPN).

What this means

What could happen

An attacker could cause the seismic monitoring system to become temporarily unavailable, interrupting real-time earthquake detection and early warning capabilities that may inform public safety response decisions.

Who's at risk

Seismic monitoring operators and earthquake early warning system integrators using Güralp Fortimus, Minimus, or Certimus series instruments for ground motion measurement and real-time hazard detection. Facilities that depend on these sensors for safety notifications to the public or automated emergency response systems are at risk of operational interruption.

How it could be exploited

An attacker on the network can send specially crafted packets to the affected device (CWE-770 resource exhaustion) without authentication. The device does not properly limit resource consumption, allowing the attacker to exhaust available resources and cause the system to stop responding to legitimate requests.

Prerequisites

Network access to the affected Güralp device on the Internet or local network
No authentication required

Remotely exploitableNo authentication requiredLow complexity attackNo patch availableAffects safety-critical monitoring

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (3)

3 EOL

ProductAffected VersionsFix Status

Minimus Series: vers:all/*All versionsNo fix (EOL)

Fortimus Series: vers:all/*All versionsNo fix (EOL)

Certimus Series: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/2

Do now

0/1

HARDENINGDeploy affected Güralp Systems devices behind a network firewall (NAT or VPN) to restrict direct Internet exposure and require authentication for access

Mitigations - no patch available

0/1

The following products have reached End of Life with no planned fix: Minimus Series: vers:all/*, Fortimus Series: vers:all/*, Certimus Series: vers:all/*. Apply the following compensating controls:

HARDENINGMonitor Güralp Systems advisory channels and contact the vendor for availability of future security updates

CVEs (1)

CVE-2025-14466

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/96eeff1b-561d-442a-9af0-ea163ec8bd67