Breaking
Save 20% Off the Apple AirPods Pro 3, There’s Still Time to Have It Delivered by Mother’s Day
Ravensburger Is Releasing New Star Wars Puzzles for The Mandalorian & Grogu Movie
Call of Duty 2026 Won’t Be Releasing on Last-Gen Consoles
Fallout Co-Creator Says Some Players Watch Influencers So They Can Be Told What to Think About Games
The Powerful AMD Radeon 9070 XT Graphics Card Drops to $680 for a Very Limited Time
Take-Two CEO Explains Why GTA 6 Isn’t Coming to PC on Day One
DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates
DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates
Every LEGO Millennium Falcon from 2000 to Today
Get an Apple Watch Ultra for Just $299 at Amazon
4 May 2026, Mon
Launch Your Site in 5 Minutes
Cyber Security News

Dover Fueling Solutions Vulnerability Allows Attackers to Manipulate Fueling Operations

By rssfeeds-admin No Comments

A critical security flaw (CVE-2025-5310) in Dover Fueling Solutions’ ProGauge MagLink LX consoles could allow attackers to hijack fuel station monitoring systems, manipulate operations, or deploy malware.

The vulnerability, rated 9.8 on CVSS v3 and 9.2 on CVSS v4, affects widely deployed tank gauges used globally in transportation infrastructure.

Technical Impact and Affected Systems

The vulnerability stems from an undocumented, unauthenticated Target Communication Framework (TCF) interface exposed on a specific port.

Attackers can remotely create, modify, or delete files, potentially leading to full device compromise and operational disruption.

Affected Products and Versions:

Product TypeVulnerable VersionsPatched Version
ProGauge MagLink LX 4Before 4.20.34.20.3 or later
ProGauge MagLink LX PlusBefore 5.20.34.20.3 or later
ProGauge MagLink LX UltimatePrior to 5.20.35.20.3 or later

Successful exploitation enables:

  • Manipulation of fueling operations
  • Deletion of system configurations
  • Malware deployment
  • Unauthorized remote code execution.

Mitigation Strategies

Dover Fueling Solutions mandates immediate updates:

  • LX 4/LX Plus models: Upgrade to v4.20.3+ via official portal.
  • LX Ultimate models: Install v5.20.3+13.

CISA recommends additional safeguards:

  • Network segmentation: Isolate consoles behind firewalls; block internet access.
  • Secure remote access: Use updated VPNs with strict device security policies.
  • Proactive monitoring: Report anomalies to CISA for incident correlation.

No public exploits targeting CVE-2025-5310 have been confirmed, but the flaw’s critical severity and low attack complexity necessitate urgent action.

Souvik Kandar of Microsec discovered the vulnerability, prompting coordinated disclosure with CISA on June 17, 2025.

Fuel retailers globally should prioritize patching, as these consoles monitor fuel/water tanks across critical transportation infrastructure.

CISA’s Defense-in-Depth strategies provide further guidance for securing operational technology.

Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates

The post Dover Fueling Solutions Vulnerability Allows Attackers to Manipulate Fueling Operations appeared first on Cyber Security News.

Discover more from RSS Feeds Cloud

Subscribe to get the latest posts sent to your email.

By rssfeeds-admin

Related Posts

Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

rssfeeds-admin
Cyber Security News

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

rssfeeds-admin
Cyber Security News

MSSPs Face Rising Alert Fatigue as False Positives Drain Analyst Time and Resources

rssfeeds-admin

You Missed

IGN

Save 20% Off the Apple AirPods Pro 3, There’s Still Time to Have It Delivered by Mother’s Day

IGN

Ravensburger Is Releasing New Star Wars Puzzles for The Mandalorian & Grogu Movie

IGN

Call of Duty 2026 Won’t Be Releasing on Last-Gen Consoles

IGN

Fallout Co-Creator Says Some Players Watch Influencers So They Can Be Told What to Think About Games

Discover more from RSS Feeds Cloud

Subscribe now to keep reading and get access to the full archive.

Continue reading