CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Aug 2025 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Schneider-electric
Schneider-electric ecostruxure Power Monitoring Expert Schneider-electric ecostruxure Power Operation With Advanced Reports |
|
Vendors & Products |
Schneider-electric
Schneider-electric ecostruxure Power Monitoring Expert Schneider-electric ecostruxure Power Operation With Advanced Reports |
Wed, 20 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 20 Aug 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Wed, 20 Aug 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization. | |
Weaknesses | CWE-502 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2025-08-20T17:23:04.154Z
Reserved: 2025-08-01T04:38:47.036Z
Link: CVE-2025-54923

Updated: 2025-08-20T17:23:00.425Z

Status : Awaiting Analysis
Published: 2025-08-20T14:15:46.253
Modified: 2025-08-20T14:39:07.860
Link: CVE-2025-54923

No data.

Updated: 2025-08-25T22:27:33Z