CVE-2025-54863

Name of the Vulnerable Software and Affected Versions Radiometrics VizAir (affected versions not specified)

Description Radiometrics VizAir is susceptible to exposure of its REST API key through a publicly accessible configuration file. Successful exploitation allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data. This could compromise airport operations and lead to incorrect flight planning and hazardous takeoff and landing conditions. Attackers could also flood the system with false alerts, resulting in a denial-of-service condition and significant disruption to airport operations. The API endpoint is exposed through a publicly accessible configuration file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.