CVE-2025-31932

{"id": "CVE-2025-31932", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "vultures@jpcert.or.jp", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-04-11T10:15:16.727", "references": [{"url": "https://jvn.jp/en/jp/JVN30641875/", "source": "vultures@jpcert.or.jp"}, {"url": "https://knowledge.bizrobo.com/hc/ja/articles/360029772271", "source": "vultures@jpcert.or.jp"}, {"url": "https://knowledge.bizrobo.com/hc/ja/articles/39951710517145", "source": "vultures@jpcert.or.jp"}, {"url": "https://knowledge.bizrobo.com/hc/ja/articles/39952052043289", "source": "vultures@jpcert.or.jp"}, {"url": "https://knowledge.bizrobo.com/hc/ja/articles/39953373809305", "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "vultures@jpcert.or.jp", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is exploited, an arbitrary code is executed on the Management Console.\r\nThe vendor provides the workaround information and recommends to apply it to the deployment environment."}, {"lang": "es", "value": "Existe un problema de deserializaci\u00f3n de datos no confiables en todas las versiones de BizRobo!. Si se explota esta vulnerabilidad, se ejecuta c\u00f3digo arbitrario en la Consola de Administraci\u00f3n. El proveedor proporciona informaci\u00f3n sobre el workaround y recomienda aplicarlo al entorno de despliegue."}], "lastModified": "2025-04-11T15:39:52.920", "sourceIdentifier": "vultures@jpcert.or.jp"}