CVE-2025-54863: CWE-522 Insufficiently Protected Credentials in Radiometrics VizAir
Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could potentially compromise airport operations. Additionally, attackers could flood the system with false alerts, leading to a denial-of-service condition and significant disruption to airport operations. Unauthorized remote control over aviation weather monitoring and data manipulation could result in incorrect flight planning and hazardous takeoff and landing conditions.
AI Analysis
Technical Summary
CVE-2025-54863 identifies a critical security vulnerability in Radiometrics VizAir, a system used for aviation weather monitoring and data dissemination. The root cause is the insufficient protection of the system's REST API key, which is stored in a configuration file accessible publicly or without adequate access controls. This exposure allows attackers to retrieve the API key without authentication, granting them full remote access to the system's REST API. With this access, attackers can alter weather data and system configurations, potentially injecting false meteorological information that could mislead airport operations and flight planning. Additionally, attackers can automate attacks against multiple VizAir instances, amplifying the threat's scale. The vulnerability also enables attackers to flood the system with false alerts, causing denial-of-service conditions that disrupt airport operations. The impact extends to confidentiality, integrity, and availability of critical aviation weather data, posing safety risks such as hazardous takeoff and landing conditions. The vulnerability has a CVSS 4.0 score of 10.0, reflecting its critical nature with network attack vector, no required privileges or user interaction, and high impact on all security properties. No patches or public exploits are currently reported, but the vulnerability demands urgent attention due to its potential to disrupt critical infrastructure.
Potential Impact
For European organizations, particularly airports and aviation authorities relying on Radiometrics VizAir, this vulnerability poses a severe risk to operational safety and continuity. Manipulation of weather data can lead to incorrect flight planning, increasing the risk of accidents during takeoff and landing phases. Denial-of-service conditions caused by alert flooding can disrupt airport operations, causing delays and economic losses. The exposure of sensitive meteorological data also risks confidentiality breaches, potentially revealing operational details to adversaries. Given the critical role of aviation in European transport infrastructure and the high volume of air traffic, exploitation could have cascading effects on national and regional transportation networks. Furthermore, the ability to automate attacks across multiple instances increases the threat's scale, potentially affecting multiple airports simultaneously. The vulnerability could also undermine trust in aviation safety systems and regulatory compliance, leading to reputational damage and legal consequences for affected organizations.
Mitigation Recommendations
To mitigate CVE-2025-54863, European organizations should immediately audit access controls on all Radiometrics VizAir configuration files to ensure that REST API keys are not publicly accessible or exposed to unauthorized users. Implement strict file system permissions and consider encrypting sensitive configuration data at rest. Rotate all exposed API keys and enforce strong key management policies, including regular key rotation and revocation procedures. Network segmentation should be applied to isolate VizAir systems from general IT networks and the internet, limiting access to trusted management hosts only. Employ intrusion detection and anomaly monitoring to detect unusual API usage patterns or sudden surges in alert generation that could indicate exploitation attempts. Coordinate with Radiometrics for any available patches or updates and apply them promptly once released. Additionally, implement multi-factor authentication and IP whitelisting for REST API access where possible. Conduct regular security assessments and penetration testing focused on configuration management and API security to proactively identify and remediate weaknesses.
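As an added example (not code from Radiometrics or from the VizAir product), the following script turns two of the recommendations above into concrete checks: an audit that lists configuration files holding an API-key-like setting and flags those that are world-readable, and a sliding-window rate check over alert API calls that flags any source producing an abnormal burst. The file names, setting names, log-line layout and thresholds are constructed assumptions; this page does not describe VizAir's actual paths or log format.

```python
"""Added example, not code from Radiometrics or the VizAir project.

Two defender-side checks that follow from the mitigation advice:
  * audit_config_files()  - flags configuration files that hold an API-key-like
    setting, and whether such a file is world-readable.
  * detect_alert_surge()  - sliding-window rate check over alert API calls,
    flagging any source whose call count inside the window passes a threshold.

File names, setting names, the log-line layout and the thresholds are
constructed assumptions; the page does not describe VizAir's real paths or logs.
"""
import os
import re
import stat
import tempfile
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed pattern: setting names that typically carry a credential.
KEY_PATTERN = re.compile(
    r"""^\s*["']?(api[_-]?key|rest[_-]?api[_-]?key|token)["']?\s*[=:]\s*\S+""",
    re.IGNORECASE,
)


def audit_config_files(root):
    """Return sorted (relative path, reason) findings for files under root."""
    findings = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                has_key = any(KEY_PATTERN.match(line) for line in fh)
            if not has_key:
                continue
            rel = os.path.relpath(path, root)
            if os.stat(path).st_mode & stat.S_IROTH:
                findings.append((rel, "world-readable file holds an API key"))
            else:
                findings.append((rel, "holds an API key; confirm it is not served over HTTP"))
    return sorted(findings)


def detect_alert_surge(log_lines, window_seconds=60, threshold=20):
    """Return {source: peak calls within one window} for sources over threshold.

    Each log line is assumed to look like '<ISO timestamp> <source> <request>'.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # source -> timestamps inside the current window
    peak = defaultdict(int)
    for line in log_lines:
        ts_text, source, _request = line.split(" ", 2)
        ts = datetime.fromisoformat(ts_text)
        q = recent[source]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        peak[source] = max(peak[source], len(q))
    return {src: n for src, n in peak.items() if n > threshold}


def build_sample_config_dir():
    """Create a temporary directory with constructed config files; return its path."""
    root = tempfile.mkdtemp(prefix="vizair-audit-")
    samples = {
        "vizair.conf": ("rest_api_key = EXAMPLE-KEY-NOT-REAL\nport = 8080\n", 0o644),
        "secure.conf": ("api_key: EXAMPLE-KEY-NOT-REAL\n", 0o600),
        "logging.conf": ("level = info\n", 0o644),
    }
    for name, (body, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
        os.chmod(path, mode)
    return root


def sample_alert_log():
    """Constructed log: one normal source and one source flooding the alert endpoint."""
    base = datetime(2025, 11, 4, 16, 46, 0)
    lines = [f"{(base + timedelta(minutes=2 * i)).isoformat()} 10.0.0.3 POST /api/alerts"
             for i in range(5)]
    lines += [f"{(base + timedelta(seconds=i)).isoformat()} 10.0.0.9 POST /api/alerts"
              for i in range(25)]
    return sorted(lines)


if __name__ == "__main__":
    for rel, reason in audit_config_files(build_sample_config_dir()):
        print(f"{rel}: {reason}")
    print("surging sources:", detect_alert_surge(sample_alert_log()))
```

The audit reports a key-bearing file even when its mode is restrictive, because the advisory's exposure is a file reachable over the network; a correct permission bit does not prove the web tier is not serving it, so that case is reported for manual confirmation. The surge detector keeps one timestamp queue per source, so a single credential used from many hosts still needs correlation on the key identifier if the API logs it.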
Affected Countries
United Kingdom, Germany, France, Netherlands, Italy, Spain, Belgium, Switzerland, Sweden, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-10-07T19:42:54.161Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 690a2ddcf0ba78a050535a88
Added to database: 11/4/2025, 4:46:20 PM
Last enriched: 11/4/2025, 4:48:04 PM
Last updated: 11/5/2025, 4:56:52 AM