A critical vulnerability has been discovered in Radiometrics VizAir products, identified as CVE-2025-61945. This flaw allows any remote, unauthenticated attacker to gain full administrative access to the system, posing a severe risk of data manipulation and operational disruption. Successful exploitation could lead to the modification of critical weather data, potentially impacting public safety and dependent industries.

This vulnerability is an authentication bypass in the admin panel of the Radiometrics VizAir system. An unauthenticated attacker can directly access administrative functions without providing any credentials. By simply navigating to the admin panel URL, the attacker is granted privileged access, allowing them to modify system configurations and manipulate critical weather parameters tracked and managed by the software.

This vulnerability is rated as critical severity with a CVSS score of 10. Exploitation could have a catastrophic business impact, as an attacker could intentionally falsify weather data. This could disrupt operations for industries reliant on accurate weather information, such as aviation, shipping, and agriculture. Furthermore, manipulating data related to severe weather events could pose a significant risk to public safety and result in severe reputational damage and legal liability for the organization.

Immediate Action: Update affected Radiometrics VizAir products to the latest version as recommended by the vendor. After patching, organizations should immediately monitor for any signs of exploitation and conduct a thorough review of access logs to identify any unauthorized access that may have occurred prior to the update.

Proactive Monitoring: Implement continuous monitoring of network traffic to the VizAir admin panel. Security teams should look for anomalous access patterns, such as requests from untrusted IP addresses or unusual user-agent strings. Configure alerts for any configuration changes made within the system and regularly review application and system logs for unauthorized activity.

Compensating Controls: If immediate patching is not feasible, restrict network access to the VizAir admin panel to only trusted IP addresses and authorized personnel using firewall rules. Consider placing the system behind a reverse proxy or Web Application Firewall (WAF) with robust access control policies to act as an additional layer of authentication and defense.

Public Exploit Available: false

Due to the critical severity (CVSS 10) of this vulnerability, we recommend that organizations treat this as a top priority for remediation. The risk of operational disruption and potential impact on public safety is severe. Although this vulnerability is not currently on the CISA KEV list, its characteristics make it a prime candidate for future inclusion. Immediate patching is strongly advised; if patching is delayed, compensating controls must be implemented without exception.