Multiple vulnerabilities in Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2025-2079 CVE-2025-2080 CVE-2025-2081 |
| CWE-ID | CWE-547 CWE-288 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Visual BACnet Capture Tool Client/Desktop applications / Other client software Optigo Visual Networks Capture Tool Client/Desktop applications / Other client software |
| Vendor | Optigo Networks |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Use of Hard-coded, Security-relevant Constants
EUVDB-ID: #VU105950
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2079
CWE-ID:
CWE-547 - Use of Hard-coded, Security-relevant Constants
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected application contains a hard coded secret key. A remote attacker can generate valid JWT (JSON Web Token) sessions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVisual BACnet Capture Tool: 3.1.2 rc11
Optigo Visual Networks Capture Tool: 3.1.2 rc11
CPE2.3- cpe:2.3:a:optigo_networks:visual_bacnet_capture_tool:3.1.2:rc11:*:*:*:*:*:*
- cpe:2.3:a:optigo_networks:optigo_visual_networks_capture_tool:3.1.2:rc11:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-070-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Authentication bypass using an alternate path or channel
EUVDB-ID: #VU105954
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2080
CWE-ID:
CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the authentication bypass using an alternate path or channel. A remote attacker can bypass authentication measures and gain controls over utilities within the products.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVisual BACnet Capture Tool: 3.1.2 rc11
Optigo Visual Networks Capture Tool: 3.1.2 rc11
CPE2.3- cpe:2.3:a:optigo_networks:visual_bacnet_capture_tool:3.1.2:rc11:*:*:*:*:*:*
- cpe:2.3:a:optigo_networks:optigo_visual_networks_capture_tool:3.1.2:rc11:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-070-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of Hard-coded, Security-relevant Constants
EUVDB-ID: #VU105955
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2081
CWE-ID:
CWE-547 - Use of Hard-coded, Security-relevant Constants
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected application contains a hard coded secret key. A remote attacker can impersonate the web application service and mislead victim clients.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVisual BACnet Capture Tool: 3.1.2 rc11
Optigo Visual Networks Capture Tool: 3.1.2 rc11
CPE2.3- cpe:2.3:a:optigo_networks:visual_bacnet_capture_tool:3.1.2:rc11:*:*:*:*:*:*
- cpe:2.3:a:optigo_networks:optigo_visual_networks_capture_tool:3.1.2:rc11:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-070-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
