CVE-2025-13926

Contemporary Controls · BASC 20T

Contemporary Controls BASC 20T is susceptible to packet forgery attacks, allowing an attacker to execute arbitrary requests by sniffing and manipulating network traffic.

Executive summary

A critical vulnerability in the Contemporary Controls BASC 20T allows remote attackers to perform arbitrary requests by sniffing and forging network traffic, posing a severe risk to operational integrity.

Vulnerability

This vulnerability allows an attacker to conduct packet forgery by obtaining data through network sniffing. This facilitates the injection of arbitrary requests into the target system, potentially bypassing intended communication security.

Business impact

With a CVSS score of 9.8, this vulnerability represents a critical threat to the availability and integrity of the BASC 20T device. Successful exploitation could allow an attacker to gain unauthorized control over the device, leading to service disruption or unauthorized operational commands. This could have significant downstream impacts on industrial or building automation systems.

Remediation

Immediate Action: Contact the vendor or monitor the official Contemporary Controls security portal for available firmware updates addressing this packet forgery vulnerability.

Proactive Monitoring: Implement network traffic monitoring to detect unauthorized sniffing or anomalous packet patterns directed at the BASC 20T.

Compensating Controls: Isolate the affected devices on a restricted VLAN and employ encrypted communication protocols to prevent packet sniffing and forgery.

Exploitation status

Public Exploit Available: Not specified

Analyst recommendation

Given the critical CVSS severity, administrators should restrict network access to the BASC 20T immediately. Apply vendor-provided patches as soon as they become available to mitigate the risk of arbitrary request execution.