Information disclosure in Thermofisher Ion_torrent_onetouch_2
CVE-2025-54304
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are powered on, an X11 display server is started. The display server listens on all network interfaces and is accessible over port 6000. The X11…
Vulnerability class: Information Disclosure
EPSS: 0.004 (33.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
Weakness classification (CWE)
References
- cve@mitre.org (Product)
- cve@mitre.org (Product)
- cve@mitre.org (Vendor Advisory)
Frequently asked questions
- What is CVE-2025-54304?
- CVE-2025-54304 is a critical-severity vulnerability in Thermofisher Ion_torrent_onetouch_2, classified under Information Disclosure. CVSS score: 9.8/10. Published 2025-12-04.
- How severe is CVE-2025-54304?
- Critical severity. CVSS v3 base score is 9.8 out of 10.