PT-2025-43551 · Unknown · Tls4B Atg System

Pedro Umbelino · Published: 2025-10-23 · Updated: 2025-12-01 · CVE-2025-58428

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
Veeder-Root TLS4B ATG versions (affected versions not specified)

Description
The TLS4B ATG system's SOAP-based interface is susceptible to command injection due to its accessibility through the web services handler. This allows remote attackers possessing valid credentials to execute system-level commands on the underlying Linux system. Successful exploitation could lead to remote command execution (RCE), full shell access, and potential lateral movement within a network. The vulnerability stems from a lack of proper authorization controls in the SOAP interface. The affected system is used in tank gauge systems.

Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Command Injection

Weakness Enumeration

Related Identifiers: CVE-2025-58428

Affected Products: Tls4B Atg System