CVE-2025-58428 · CRITICAL 9.9 · EPSS p67.0%

Description

The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote command execution, full shell access, and potential lateral movement within the network.

Scoring

CVSS 3.1: 9.9 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 1.31% probability of exploitation · percentile 67.0% · 2026-06-19T12:03:05Z
Published: 2025-10-23
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-77

References

  1. https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-03.json
  2. https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-03
  3. https://www.veeder.com/us/network-security-reminder
  4. https://www.veeder.com/us/software-downloads

Type | Target | Confidence | Tier
Weakness | Improper Neutralization of Special Elements used in a Command ('Command Injection') cwe-77 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-0593
  2. CVE-2025-41684
  3. CVE-2025-59817
  4. CVE-2025-64090
  5. CVE-2025-6542
  6. CVE-2025-0592

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.