Critical severity9.9NVD Advisory· Published Oct 23, 2025· Updated Apr 15, 2026

CVE-2025-58428

Description

The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote command execution, full shell access, and potential lateral movement within the network.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-03.jsonnvd
www.cisa.gov/news-events/ics-advisories/icsa-25-296-03nvd
www.veeder.com/us/network-security-remindernvd
www.veeder.com/us/software-downloadsnvd

News mentions

No linked articles in our index yet.

cvss	0.643
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000