Teledyne FLIR FB-Series EUVD-2025-21317

| CVE-2025-7576 HIGH
Incorrect Privilege Assignment (CWE-266)
2025-07-14 [email protected]
Information Disclosure
7.3
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Mar 16, 2026 - 09:43 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 09:43 euvd
EUVD-2025-21317
PoC Detected
Jul 15, 2025 - 13:14 vuln.today
Public exploit code
CVE Published
Jul 14, 2025 - 06:15 nvd
HIGH 7.3

DescriptionNVD

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

CVE-2025-7576 is a critical improper access control vulnerability affecting Teledyne FLIR thermal imaging devices (FB-Series O and FH-Series) running firmware version 1.3.2.16 and earlier. An unauthenticated remote attacker can exploit the vulnerable /priv/production/production.html endpoint to gain unauthorized access with low complexity, potentially reading, modifying, or disrupting system availability. Public exploit code exists and the vendor has not responded to disclosure, increasing real-world exploitation risk.

Technical ContextAI

The vulnerability resides in the Production Tools component of FLIR thermal camera firmware, specifically within the web-accessible /priv/production/production.html file. The root cause is classified under CWE-266 (Incorrect Privilege Assignment), indicating the application fails to enforce proper privilege boundaries or access control lists on production management functionality. The affected devices are network-connected thermal imaging systems (Teledyne FLIR FB-Series O and FH-Series) that expose administrative or sensitive production interfaces via HTTP/HTTPS without adequate authentication or authorization checks. CPE context: These are embedded systems running firmware where the web service processes production-related configurations or system state without validating caller privileges.

RemediationAI

Immediate actions: (1) Update to firmware version > 1.3.2.16 once available from Teledyne FLIR (vendor has not yet provided patches; monitor official FLIR security advisories); (2) Network isolation: Restrict network access to the thermal imaging devices using firewall rules—block inbound HTTP/HTTPS traffic to port 80/443 except from trusted administrative networks; (3) Disable web interface if not required, or require VPN/bastion host access; (4) Implement network segmentation to isolate thermal imaging systems from general corporate networks; (5) Monitor device logs for unauthorized access to /priv/production/production.html endpoints (HTTP 200 responses from unauthorized IPs). Contact Teledyne FLIR support directly to request security updates and risk clarification.

Share

EUVD-2025-21317 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy