CVE-2025-7916

Sažetak

WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents.

Reference

https://www.twcert.org.tw/en/cp-139-10257-e88f3-2.html
https://www.twcert.org.tw/tw/cp-132-10256-14d55-1.html

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

22-07-2025 - 13:06

Objavljeno

21-07-2025 - 06:15