Which versions of Teledyne FLIR FB-Series are affected by EUVD-2025-21317?

A publicly disclosed vulnerability in Teledyne FLIR thermal imaging devices (FB-Series O and FH-Series ID 1.3.2.16) allows remote attackers to bypass access controls on production tools, potentially…

Is there a public PoC exploit available for EUVD-2025-21317?

Yes, a public proof-of-concept exploit is available for EUVD-2025-21317. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2025-21317?

Within 24 hours: Identify all affected FLIR devices in your environment and isolate them from untrusted networks; notify device owners and document current firmware versions. Within 7 days: Implement network segmentation to restrict access to the production.html interface, enforce multi-factor authentication where possible, and enable detailed logging of access attempts to /priv/production/production.html. Within 30 days: Contact Teledyne FLIR for patch availability status, evaluate device replacement or upgrade roadmaps, and establish an escalation plan if no patch becomes available within 60 days.

Teledyne FLIR FB-Series EUVD-2025-21317

Q: What is the CVSS score of EUVD-2025-21317?

EUVD-2025-21317 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

| CVE-2025-7576 MEDIUM

Incorrect Privilege Assignment (CWE-266)

2025-07-14 cna@vuldb.com

Information Disclosure

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

HIGH MEDIUM

CVSS changed

Apr 29, 2026 - 01:11 NVD

7.3 (HIGH) 5.5 (MEDIUM)

EUVD ID Assigned

Mar 16, 2026 - 09:43 euvd

EUVD-2025-21317

Analysis Generated

Mar 16, 2026 - 09:43 vuln.today

PoC Detected

Jul 15, 2025 - 13:14 vuln.today

Public exploit code

CVE Published

Jul 14, 2025 - 06:15 nvd

HIGH 7.3

DescriptionCVE.org

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

CVE-2025-7576 is a critical improper access control vulnerability affecting Teledyne FLIR thermal imaging devices (FB-Series O and FH-Series) running firmware version 1.3.2.16 and earlier. An unauthenticated remote attacker can exploit the vulnerable /priv/production/production.html endpoint to gain unauthorized access with low complexity, potentially reading, modifying, or disrupting system availability. Public exploit code exists and the vendor has not responded to disclosure, increasing real-world exploitation risk.

Technical ContextAI

The vulnerability resides in the Production Tools component of FLIR thermal camera firmware, specifically within the web-accessible /priv/production/production.html file. The root cause is classified under CWE-266 (Incorrect Privilege Assignment), indicating the application fails to enforce proper privilege boundaries or access control lists on production management functionality. The affected devices are network-connected thermal imaging systems (Teledyne FLIR FB-Series O and FH-Series) that expose administrative or sensitive production interfaces via HTTP/HTTPS without adequate authentication or authorization checks. CPE context: These are embedded systems running firmware where the web service processes production-related configurations or system state without validating caller privileges.

RemediationAI

Immediate actions: (1) Update to firmware version > 1.3.2.16 once available from Teledyne FLIR (vendor has not yet provided patches; monitor official FLIR security advisories); (2) Network isolation: Restrict network access to the thermal imaging devices using firewall rules—block inbound HTTP/HTTPS traffic to port 80/443 except from trusted administrative networks; (3) Disable web interface if not required, or require VPN/bastion host access; (4) Implement network segmentation to isolate thermal imaging systems from general corporate networks; (5) Monitor device logs for unauthorized access to /priv/production/production.html endpoints (HTTP 200 responses from unauthorized IPs). Contact Teledyne FLIR support directly to request security updates and risk clarification.

EUVD-2025-21317 vulnerability details – vuln.today

Back