Skip to main content

CVE-2025-7576: Improper Access Controls in Teledyne FLIR FB-Series O

Medium
VulnerabilityCVE-2025-7576cvecve-2025-7576
Published: Mon Jul 14 2025 (07/14/2025, 05:32:04 UTC)
Source: CVE Database V5
Vendor/Project: Teledyne
Product: FLIR FB-Series O

Description

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

AILast updated: 07/14/2025, 06:01:06 UTC

Technical Analysis

CVE-2025-7576 is a vulnerability identified in Teledyne FLIR FB-Series O and FLIR FH-Series ID version 1.3.2.16, specifically within the Production Tools component, affecting the file /priv/production/production.html. The issue stems from improper access controls, allowing unauthorized remote attackers to potentially access or manipulate sensitive production-related functionalities without authentication or user interaction. The vulnerability is remotely exploitable over the network with low attack complexity and no privileges required, indicating that an attacker can launch an attack without prior access or credentials. The CVSS 4.0 base score is 6.9, categorized as medium severity, reflecting limited impact on confidentiality, integrity, and availability, with low scope change and no user interaction needed. The vendor has been contacted but has not responded or issued a patch, and no known exploits are currently observed in the wild. The vulnerability could allow attackers to bypass intended access restrictions, potentially leading to unauthorized information disclosure or limited manipulation of production processes managed by the affected FLIR devices. These devices are typically used in industrial, security, and surveillance contexts, where production tools may control or monitor critical operations.

Potential Impact

For European organizations, especially those in industrial, manufacturing, security, or critical infrastructure sectors using Teledyne FLIR FB-Series O or FH-Series devices, this vulnerability poses a risk of unauthorized access to production control interfaces. This could lead to exposure of sensitive operational data or unauthorized changes to production parameters, potentially disrupting operational integrity or causing data leaks. While the impact is medium severity, the lack of authentication and remote exploitability increases risk, particularly in environments where these devices are accessible over networks without adequate segmentation or protection. Organizations involved in manufacturing, energy, transportation, or public safety that rely on FLIR technology for monitoring or control could face operational disruptions or compromise of sensitive production data. The absence of vendor response and patches increases the window of exposure, necessitating proactive risk management.

Mitigation Recommendations

Given the lack of official patches, European organizations should implement network-level mitigations such as isolating affected FLIR devices within secure network segments, restricting access to trusted hosts only, and employing strict firewall rules to limit inbound connections to the production tools interface. Continuous monitoring and logging of access attempts to /priv/production/production.html should be enabled to detect suspicious activity. Organizations should also conduct thorough asset inventories to identify all affected devices and assess exposure. Where possible, disable or restrict access to the vulnerable production tools functionality if not essential. Employing intrusion detection/prevention systems (IDS/IPS) tuned to detect anomalous access patterns targeting FLIR devices can provide early warning. Additionally, organizations should engage with Teledyne for updates and consider vendor alternatives or compensating controls if remediation is delayed. Regular security assessments and penetration testing focusing on these devices can help identify exploitation attempts.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-07-13T07:47:11.609Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 6874999ba83201eaacc2347d

Added to database: 7/14/2025, 5:46:03 AM

Last enriched: 7/14/2025, 6:01:06 AM

Last updated: 8/15/2025, 12:18:42 PM

Views: 22

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats