A critical vulnerability with a CVSS score of 10.0 has been identified, allowing attackers with network access to execute arbitrary code without requiring credentials.

In response to evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included this flaw in its Known Exploited Vulnerabilities catalog in June 2025.

Notably, around 70% of the detected exploits have specifically targeted operational technology (OT) firewalls, highlighting a significant focus on these critical networks.

The attacks have been characterized by short, high-intensity bursts, primarily aimed at industrial-specific ports and exposed services.

Successful exploitations typically result in the establishment of reverse shells, which grant attackers unauthorized remote access to target networks.