CISA Warns of Critical Elber Flaws – PoC Available, No Patch

Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about critical vulnerabilities in Elber communications equipment, which could lead to unauthorized access and disruption of critical infrastructure. Key vulnerable products include various models of satellite receivers and broadcasting platforms, with high severity vulnerability scores. CISA urges affected organizations to take immediate action to mitigate risks and consider upgrading to supported equipment.

Affected: Elber communications equipment, including Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite Receiver, and Wayber Analog/Digital Audio STL

Keypoints :

Vulnerabilities CVE-2025-0674 (authentication bypass, CVSS 9.8) and CVE-2025-0675 (hidden functionality, CVSS 7.5) allow unauthorized administrative access.
Elber will not mitigate these issues as the affected devices are nearing end-of-life.
CISA recommends defensive measures such as minimizing network exposure, using firewalls, and implementing VPNs to reduce exploitation risks.

Source: https://securityonline.info/cve-2025-0674-cvss-9-8-cve-2025-0675-cisa-warns-of-critical-elber-flaws-poc-available-no-patch/

SHARE THIS STORY

WhatsApp X (Twitter)Telegram Bluesky Facebook LinkedIn Threads Email Print