Free practical cybersecurity guidance for organisations without a security team.
hello@actionsoncyber.com
← Back to Vulnerability Briefs

Urgent Security Issue in Lantronix EDS5000 Devices

A serious security flaw has been found in Lantronix EDS5000 devices that is already being exploited by attackers. This vulnerability allows malicious code to be injected, potentially giving attackers control over the device. Small businesses using these devices should act quickly to reduce risk.

24 June 2026

Reference: CVE-2025-67038

1. What is being reported?

The Lantronix EDS5000 device has a security weakness known as a code injection vulnerability. This means attackers can insert harmful software into the device, which could let them take control or disrupt its normal operation.

2. What this means in plain English

If your business uses this device, attackers might be able to access your network or data through it. This could lead to data loss, disruption of services, or other security problems. Because this vulnerability is actively being exploited, it is important to address it promptly.

3. Could this affect a small business?

Small businesses that use Lantronix EDS5000 devices, especially those connected to the internet or cloud services, are at risk. If you do not use this device, or it is not connected externally, you are likely not affected.

4. What to do now

  • Check if your business uses Lantronix EDS5000 devices.
  • Contact your IT provider or Lantronix support to get and apply the recommended security updates or mitigations immediately.
  • If no fix is available, consider disconnecting the device from the internet or cloud services until it is secured.
  • Review your network exposure and follow official guidance on prioritising security updates based on risk.

5. Ask your IT provider

Can you confirm if our Lantronix EDS5000 devices are affected by the CVE-2025-67038 vulnerability, and what steps are being taken to apply the necessary security updates or mitigations?

6. Bottom line

If you use Lantronix EDS5000 devices, act now to secure them against an actively exploited vulnerability.

Information based on CISA KEV and reputable security reporting.

Back to Vulnerability Briefs