The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday included a significant security weakness affecting Gladinet CentreStack in its Known Exploited Vulnerabilities (KEV) database, noting signs of ongoing exploitation in real-world scenarios.
The flaw, registered as CVE-2025-30406 (CVSS score: 9.0), involves an instance of a hard-coded cryptographic key that may be exploited to gain remote access.