Skip to main content
CybersecurityNetwork Security

Optigo Networks Visual BACnet and Capture Tool Overview

Optigo Networks Visual BACnet and Capture Tool Overview

1. EXECUTIVE SUMMARY

  • CVSS v4 9.3
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Optigo Networks
  • Equipment: Visual BACnet Capture Tool, Optigo Visual Networks Capture Tool
  • Vulnerabilities: Use of Hard-coded, Security-relevant Constants, Authentication Bypass Using an Alternate Path or Channel

2. RISK EVALUATION

The vulnerabilities identified in the Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool pose significant risks. Successful exploitation could allow an attacker to bypass authentication mechanisms, gain unauthorized control over the products, or impersonate the web applications, leading to potential data breaches and operational disruptions.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The vulnerabilities affect the following versions:

  • Visual BACnet Capture Tool: Version 3.1.2rc11
  • Optigo Visual Networks Capture Tool: Version 3.1.2rc11

3.2 VULNERABILITY OVERVIEW

3.2.1 USE OF HARD-CODED, SECURITY-RELEVANT CONSTANTS CWE-547

Both tools contain a hard-coded secret key, which could enable an attacker to generate valid JSON Web Token (JWT) sessions. This vulnerability is documented as CVE-2025-2079, with a CVSS v3.1 base score of 7.5 and a CVSS v4 score of 8.7.

3.2.2 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288

The exposed web management service in these tools allows attackers to bypass authentication measures, gaining control over the utilities within the products. This vulnerability is identified as CVE-2025-2080, with a CVSS v3.1 base score of 9.8 and a CVSS v4 score of 9.3.

3.2.3 USE OF HARD-CODED, SECURITY-RELEVANT CONSTANTS CWE-547

This vulnerability allows an attacker to impersonate the web application service, potentially misleading victim clients. It is documented as CVE-2025-2081, with a CVSS v3.1 base score of 7.5 and a CVSS v4 score of 8.7.

3.3 BACKGROUND

  • CRITICAL INFRASTRUCTURE SECTORS: Information Technology
  • COUNTRIES/AREAS DEPLOYED: Worldwide
  • COMPANY HEADQUARTERS LOCATION: Canada

3.4 RESEARCHER

The vulnerabilities were reported to CISA by Tomer Goldschmidt of Claroty Team82.

4. MITIGATIONS

Optigo Networks recommends users upgrade to the following versions to mitigate the identified vulnerabilities:

CISA recommends additional defensive measures to minimize the risk of exploitation:

  • Minimize network exposure: Ensure control system devices are not accessible from the Internet.
  • Network isolation: Place control system networks and remote devices behind firewalls, isolating them from business networks.
  • Secure remote access: Use secure methods such as Virtual Private Networks (VPNs), while recognizing that VPNs may have vulnerabilities and should be kept updated.

CISA emphasizes the importance of conducting proper impact analysis and risk assessment before implementing defensive measures. Organizations are encouraged to follow established procedures for reporting suspected malicious activity to CISA.

No known public exploitation of these vulnerabilities has been reported to CISA at this time.

5. UPDATE HISTORY

  • March 11, 2025: Initial Publication