CVE-2025-31932

Sažetak

Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is exploited, an arbitrary code is executed on the Management Console. The vendor provides the workaround information and recommends to apply it to the deployment environment.

Reference

https://jvn.jp/en/jp/JVN30641875/
https://knowledge.bizrobo.com/hc/ja/articles/360029772271
https://knowledge.bizrobo.com/hc/ja/articles/39951710517145
https://knowledge.bizrobo.com/hc/ja/articles/39952052043289
https://knowledge.bizrobo.com/hc/ja/articles/39953373809305

CVSS

Base:	8.8
Impact:	5.9
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

11-04-2025 - 15:39

Objavljeno

11-04-2025 - 10:15