Vulnerability in Optigo Networks Visual Capture Tool

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT (JSON Web Token) sessions.

EPSS: 0.002 (41.3th percentile) — read the EPSS interpretation.

Affected products

Optigo Networks Visual Capture Tool — versions 3.1.2rc11
Optigo Networks Visual Bacnet Capture Tool — versions 3.1.2rc11

Weakness classification (CWE)

CWE-547 — Use of Hard-coded, Security-relevant Constants

References

www.cisa.gov/news-events/ics-advisories/icsa-25-070-02 (government-resource)