Lantronix XPort Vulnerability Puts Critical Infrastructure at Risk

A critical vulnerability in Lantronix’s XPort device is raising concerns across sectors that rely on it for remote connectivity,  reports SecurityWeek. According to a recent advisory from CISA, the flaw allows attackers to bypass authentication and gain full access to the device’s configuration interface. This opens the door for remote exploitation of infrastructure systems that use the XPort, including those in energy, manufacturing, and transportation.

The XPort is widely deployed across global industrial environments, from traffic systems to surveillance and manufacturing. Its presence in energy and water infrastructure further highlights the severity of this issue. Security researcher Souvik Kandar identified over 1,400 exposed instances online, with more than 300 linked to oil and gas operations. These include fuel management systems, making them particularly sensitive to unauthorized interference.

In practical terms, attackers exploiting this vulnerability could alter device settings, disrupt fuel inventory monitoring, or manipulate safety sensors. For fuel stations and other energy assets, this could lead to operational downtime, regulatory scrutiny, or even safety incidents. With critical systems increasingly dependent on internet-connected devices, vulnerabilities like this one emphasize the need for stronger authentication and isolation protocols.

Despite being notified, Lantronix has not released a direct patch for the affected XPort models. Instead, the company recommends customers shift to the newer XPort Edge, which is not impacted by the issue. Until then, organizations using legacy XPort devices may face a difficult decision: maintain service with known risk or initiate an urgent upgrade amid ongoing operations.