Introduction
Unauthorized changes to airport weather alerts can directly endanger aircraft and disrupt flight operations. The recent authentication bypass in Radiometrics VizAir, tracked as CVE-2025-61945, exposes a critical gap in aviation weather safety infrastructure, allowing remote attackers to manipulate flight-critical parameters without any credentials.
About Radiometrics VizAir: Radiometrics Corporation is a niche provider of atmospheric remote sensing and weather decision support systems, with VizAir deployed in airport environments for real-time wind shear detection and weather monitoring. While not a household name, Radiometrics products are integral to airport safety and operational continuity in several regions.
Technical Information
CVE-2025-61945 is a direct result of missing authentication controls on the VizAir administrative panel. The admin interface is exposed over the network and does not require any form of credential or token to access. This is a classic instance of CWE-306: Missing Authentication for Critical Function.
Any remote user with network connectivity to the VizAir system can access the admin panel and modify:
- Wind shear alert thresholds
- Inversion depth values
- CAPE (Convective Available Potential Energy) values
These parameters are essential for accurate weather forecasting and safe runway assignments. Manipulating them can disable vital alerts, mislead air traffic control, and create hazardous conditions for aircraft. The vulnerability is trivially exploitable, requiring no special privileges, user interaction, or complex setup. No vulnerable code snippets or exploit scripts were published in the available sources. The flaw is present in the network-exposed admin interface, but no further technical details or configuration specifics were disclosed.
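To make the CWE-306 pattern concrete, the following added example (not VizAir code, and not from any advisory) contrasts a settings handler that runs for any caller with a hardened one that authenticates, validates, and audits each change. All names, the request shape, the token, and the parameter keys and values are assumptions constructed for illustration.

```python
# Added illustration of CWE-306; every name here is hypothetical, not VizAir code.
import hashlib
import hmac

# Constructed sample settings mirroring the three parameter types named above.
DEFAULTS = {"wind_shear_alert_kt": 15.0, "inversion_depth_m": 300.0, "cape_j_per_kg": 1000.0}

# The server keeps only a hash of the admin token (constructed demo value).
ADMIN_TOKEN_SHA256 = hashlib.sha256(b"constructed-demo-token").hexdigest()


def update_unauthenticated(settings, request):
    """CWE-306 pattern: the critical function runs for any caller."""
    settings.update(request["body"])
    return 200


def is_admin(request):
    """Deny by default; compare token hashes in constant time."""
    header = request.get("headers", {}).get("Authorization", "")
    scheme, _, token = header.partition(" ")
    if scheme != "Bearer" or not token:
        return False
    presented = hashlib.sha256(token.encode()).hexdigest()
    return hmac.compare_digest(presented, ADMIN_TOKEN_SHA256)


def update_authenticated(settings, request, audit_log):
    """Hardened form: authenticate, validate keys, and record every attempt."""
    source = request.get("source", "unknown")
    if not is_admin(request):
        audit_log.append(("denied", source, sorted(request["body"])))
        return 401
    unknown = set(request["body"]) - set(settings)
    if unknown:
        audit_log.append(("rejected", source, sorted(unknown)))
        return 400
    settings.update(request["body"])
    audit_log.append(("changed", source, sorted(request["body"])))
    return 200


if __name__ == "__main__":
    log = []
    anon = {"source": "192.0.2.10", "headers": {}, "body": {"wind_shear_alert_kt": 999.0}}
    print(update_unauthenticated(dict(DEFAULTS), anon))
    print(update_authenticated(dict(DEFAULTS), anon, log), log)
```

The audit entries for denied and changed requests give operators a record to alert on when safety parameters are touched, independent of whether the request succeeded.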
Affected Systems and Versions
- Product: Radiometrics VizAir weather decision support system
- Affected component: Network-exposed administrative panel
- No specific software version numbers or version ranges were disclosed in public advisories or references
- All configurations with an accessible admin panel lacking authentication are considered vulnerable
Vendor Security History
No prior public record of similar authentication bypass vulnerabilities in Radiometrics products was found in the provided sources. The presence of this flaw in a safety-critical product highlights a need for stronger secure development practices and security review. No information on Radiometrics' patch response time or security maturity was available in the referenced materials.



