Summary
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
The following versions of Güralp Systems Fortimus Series, Minimus Series, and Certimus Series are affected:
- Fortimus Series (CVE-2025-14466)
- Minimus Series (CVE-2025-14466)
- Certimus Series (CVE-2025-14466)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 5.3 | Güralp Systems | Güralp Systems Fortimus Series, Minimus Series, and Certimus Series | Allocation of Resources Without Limits or Throttling |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United Kingdom
Vulnerabilities
CVE-2025-14466
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the impact of the attack, it results in a brief denial-of-service condition during the restart.
Affected Products
Güralp Systems Fortimus Series, Minimus Series, and Certimus Series
Vendor:
Güralp Systems
Güralp Systems
Product Version:
Güralp Systems Fortimus Series: vers:all/*, Güralp Systems Minimus Series: vers:all/*, Güralp Systems Certimus Series: vers:all/*
Güralp Systems Fortimus Series: vers:all/*, Güralp Systems Minimus Series: vers:all/*, Güralp Systems Certimus Series: vers:all/*
Product Status:
known_affected
known_affected
This article has been indexed from All CISA Advisories
Read the original article: