
CVE-2025-30519: CWE-1391 in Dover Fueling Solutions ProGauge MagLink LX 4

Severity: Critical
Type: Vulnerability
Tags: CVE-2025-30519, cve, cve-2025-30519, cwe-1391
Published: Thu Sep 18 2025 (09/18/2025, 20:46:42 UTC)
Source: CVE Database V5
Vendor/Project: Dover Fueling Solutions
Product: ProGauge MagLink LX 4

Description

Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system.

AI-Powered Analysis

Last updated: 09/18/2025, 20:52:46 UTC

Technical Analysis

CVE-2025-30519 is a critical vulnerability affecting Dover Fueling Solutions ProGauge MagLink LX 4 devices. These devices are used in fuel dispensing and monitoring systems, typically within industrial control environments such as gas stations and fuel depots. The vulnerability arises from the presence of default root credentials that cannot be changed through standard administrative interfaces or procedures. This design flaw means that any attacker with network access to the device can gain full administrative privileges without needing to authenticate or bypass additional security controls. The vulnerability is classified under CWE-1391, which relates to improper restriction of changes to device or resource settings, specifically the inability to change default credentials. The CVSS v3.1 base score is 9.8, indicating a critical severity level. The vector string (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) highlights that the attack can be performed remotely over the network, requires no privileges or user interaction, and results in complete compromise of confidentiality, integrity, and availability. Although no public exploits have been reported yet, the vulnerability poses a significant risk due to the ease of exploitation and the critical nature of the affected systems. The inability to change default root credentials is a severe security oversight, especially in industrial control systems where device integrity and availability are paramount. This vulnerability could allow attackers to manipulate fuel dispensing data, disrupt operations, or cause physical safety hazards by interfering with fuel delivery controls.

Potential Impact

For European organizations, especially those operating fuel stations, logistics hubs, or industrial facilities relying on Dover Fueling Solutions equipment, this vulnerability presents a high risk. Exploitation could lead to unauthorized access to critical fuel management systems, enabling attackers to alter fuel measurements, cause financial fraud, disrupt supply chains, or even trigger safety incidents. The compromise of these devices could also serve as a foothold for lateral movement within industrial networks, potentially impacting broader operational technology (OT) environments. Given the critical infrastructure nature of fuel distribution, such disruptions could have cascading effects on transportation, emergency services, and economic activities. Additionally, regulatory compliance risks arise if organizations fail to adequately secure these devices, potentially leading to penalties under European cybersecurity and critical infrastructure protection regulations such as NIS2. The vulnerability's network accessibility and lack of authentication requirements make it particularly dangerous in environments where network segmentation or device isolation is insufficient.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should first conduct a comprehensive inventory of all ProGauge MagLink LX 4 devices within their networks. Since the default root credentials cannot be changed via standard administrative means, organizations should implement strict network segmentation to isolate these devices from general IT networks and limit access only to trusted management systems. Deploying firewall rules or access control lists (ACLs) to restrict network traffic to and from these devices is critical. Monitoring network traffic for unusual access patterns or attempts to connect to device management interfaces can help detect exploitation attempts early. Organizations should engage with Dover Fueling Solutions to seek firmware updates or patches that address this vulnerability; if none are available, consider requesting custom remediation or replacement plans. Additionally, compensating controls such as deploying intrusion detection/prevention systems (IDS/IPS) tailored to industrial protocols, enforcing multi-factor authentication on adjacent systems, and conducting regular security audits of OT environments are recommended. Finally, staff training on the risks associated with default credentials and the importance of physical and network security for these devices should be enhanced.
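One way to check the segmentation and access monitoring described above against flow or firewall logs, as an added example that is not part of the original advisory or any vendor tooling. The device addresses, management subnet, log format and ports are constructed assumptions.

```python
import ipaddress

# Constructed inventory and allowlist; replace with your own asset data.
DEVICES = {ipaddress.ip_address(a) for a in ("10.20.0.11", "10.20.0.12")}
MGMT_ALLOW = [ipaddress.ip_network("10.20.9.0/28")]

# Constructed flow records: "timestamp src dst dport action".
# Ports are arbitrary sample values, not a statement about the device's services.
SAMPLE_FLOWS = """\
2025-09-19T08:00:01Z 10.20.9.5 10.20.0.11 22 ALLOW
2025-09-19T08:03:12Z 10.30.4.77 10.20.0.11 22 ALLOW
2025-09-19T08:03:40Z 10.30.4.77 10.20.0.12 443 DENY
2025-09-19T08:05:00Z 10.20.9.5 10.50.1.1 443 ALLOW
2025-09-19T08:06:10Z 10.20.0.12 198.51.100.7 443 ALLOW
malformed line
"""

def is_trusted(ip):
    return any(ip in net for net in MGMT_ALLOW)

def parse(line):
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, dport, action = parts
    try:
        return ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport), action
    except ValueError:
        return None  # skip records with unparseable addresses or ports

def review(flows):
    findings = []
    for line in flows.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, src, dst, dport, action = rec
        if dst in DEVICES and not is_trusted(src):
            # ALLOW: the isolating ACL is missing. DENY: the ACL blocked an attempt.
            kind = "ACL_GAP" if action == "ALLOW" else "BLOCKED_ATTEMPT"
            findings.append((kind, ts, str(src), str(dst), dport))
        elif src in DEVICES and dst not in DEVICES and not is_trusted(dst):
            # A gauge initiating traffic outside the management zone is unexpected.
            findings.append(("DEVICE_OUTBOUND", ts, str(src), str(dst), dport))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_FLOWS):
        print(*finding)
```

An `ACL_GAP` finding means traffic from outside the management zone reached a device and the firewall rule set needs correcting; `BLOCKED_ATTEMPT` and `DEVICE_OUTBOUND` are events to triage.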


Technical Details

Data Version: 5.1
Assigner Short Name: icscert
Date Reserved: 2025-08-18T15:32:05.607Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68cc710de742201e23dd5640

Added to database: 9/18/2025, 8:52:29 PM

Last enriched: 9/18/2025, 8:52:46 PM

Last updated: 9/18/2025, 10:01:01 PM
