Improper Access Controls in Teledyne FLIR FB-Series O and FH-Series Products
CVE-2025-7576
What is CVE-2025-7576?
A vulnerability exists in Teledyne FLIR FB-Series O and FH-Series ID products due to improper access controls within the 'production.html' file of the Production Tools component. This flaw allows remote attackers to potentially manipulate access to sensitive functionalities, leading to unauthorized data access and system compromise. The issue was publicly disclosed after an unsuccessful attempt to notify the vendor, raising concerns regarding proactive security measures and timely response to vulnerabilities.
Affected Version(s)
FLIR FB-Series O 1.3.2.16
FLIR FH-Series ID 1.3.2.16
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved