Lucene search
K

Güralp Systems FMUS Series - Unauthenticated Access

🗓️ 01 Aug 2025 13:55:09Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 4 Views

Güralp Systems FMUS Series devices have a critical unauthenticated Telnet access vulnerability.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2025-8286
31 Jul 202510:00
circl
CNNVD
Güralp FMUS 访问控制错误漏洞
31 Jul 202500:00
cnnvd
CVE
CVE-2025-8286
31 Jul 202519:23
cve
Cvelist
CVE-2025-8286 Güralp Systems FMUS Series and MIN Series Devices
31 Jul 202519:23
cvelist
EUVD
EUVD-2025-23300
3 Oct 202520:07
euvd
ICS
Güralp Systems FMUS Series and MIN Series Devices (Update B)
31 Jul 202506:00
ics
NVD
CVE-2025-8286
31 Jul 202520:15
nvd
Positive Technologies
PT-2025-31582
31 Jul 202500:00
ptsecurity
RedhatCVE
CVE-2025-8286
2 Aug 202520:22
redhatcve
Vulnrichment
CVE-2025-8286 Güralp Systems Güralp FMUS series Missing Authentication for Critical Function
31 Jul 202519:23
vulnrichment
Rows per page
id: CVE-2025-8286

info:
  name: Güralp Systems FMUS Series - Unauthenticated Access
  severity: critical
  author: darses
  description: |
    Güralp Systems FMUS Series Seismic Monitoring Devices expose an unauthenticated Telnet-based command line interface that allows attackers to modify hardware configurations, manipulate data, or factory reset the device.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
  reference:
    - https://www.cisa.gov/news-events/ics-advisories/icsa-25-212-01
    - https://www.cve.org/CVERecord?id=CVE-2025-8286
  remediation: |
    Update to the latest firmware version or apply vendor recommended patches to secure Telnet access.
  classification:
    cwe-id: CWE-306
    cve-id: CVE-2025-8286
    epss-score: 0.02215
    epss-percentile: 0.83945
    cvss-metrics: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
    cvss-score: 9.8
  metadata:
    verified: true
    vendor: guralp_systems
    product: fmus_series_seismic_monitoring_devices
    shodan-query: '"Welcome to " "list of available commands" port:4244'
    fofa-query: '"Welcome to " && "list of available commands" && port="4244"'
  tags: cve,cve2025,tcp,network,telnet,guralp,ics

tcp:
  - host:
      - "{{Hostname}}"

    port: 4244

    inputs:
      - data: "\n"
        read: 256
        name: banner

      - data: "system info\n"
        read: 256
        name: system_info

    matchers-condition: and
    matchers:
      - type: word
        part: banner
        words:
          - "Welcome to "
          - 'type "help" for a list of available commands'
        condition: and

      - type: word
        part: system_info
        words:
          - "Host Name: "
          - "Firmware Version: "
        condition: and

    extractors:
      - type: regex
        part: system_info
        group: 1
        regex:
          - "Host\\s+Name:\\s+([\\w\\d\\.\\-]+)"

      - type: regex
        part: system_info
        group: 1
        regex:
          - "Firmware\\s+Version:\\s+([\\d\\.\\-]+)"
# digest: 4a0a00473045022100a185272758ff32af0bb45bdc38e5e43865157187e180eb3ed32706924c17d2ea022072f66d90d5fcd262562196d9a0729c244c8666b78cfb660e0d21fca34a842807:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Oct 2025 08:27Current
7High risk
Vulners AI Score7
CVSS 49.3
CVSS 3.19.8
EPSS0.01217
SSVC
4