Radiometrics VizAir devices are vulnerable to multiple critical security flaws that could allow remote attackers to manipulate weather data and disrupt airport operations. Cybercriminals could exploit these vulnerabilities to mislead air traffic control, cause hazardous flight conditions, and extract sensitive meteorological information. #VizAir #CVE-2025-61945 #CVE-2025-54863 #CycloneThreat
Keypoints
- Radiometrics VizAir systems are affected by vulnerabilities related to missing authentication and weak credentials.
- Successful exploitation could lead to manipulation of critical weather and runway data, impacting flight safety.
- All affected versions of VizAir prior to August 2025 are vulnerable to remote cyber attacks.
- Updates have been applied by the vendor, but organizations are advised to implement additional defensive measures.
- CISA recommends minimizing network exposure, using secure remote access, and conducting thorough risk assessments.
Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-25-308-04