Authentication Flaw in Radiometrics VizAir Affects Air Traffic Management
CVE-2025-61956

10CRITICAL

Key Information:

Vendor

Radiometrics

Status
Vizair
Vendor
CVE Published:
4 November 2025

What is CVE-2025-61956?

The Radiometrics VizAir system is susceptible to a significant vulnerability due to inadequate authentication mechanisms for critical administrative functions. Unauthorized individuals could gain access to manipulate essential configurations, affecting active runway settings. This lack of security not only poses risks to the integrity of air traffic management but also threatens the safety of pilots and air traffic controllers by potentially misrepresenting crucial meteorological data and compromising flight planning accuracy.

Affected Version(s)

VizAir 0 < 08/2025

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-3...
https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V4

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Souvik Kandar
JSON
.
CVE-2025-61956 : Authentication Flaw in Radiometrics VizAir Affects Air Traffic Management