← Volver a CVEs
CVE-2025-60038
HIGH7.8
Descripcion
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks.
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado2/18/2026
Ultima modificacion2/24/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
bosch:rexroth_indraworks
Debilidades (CWE)
CWE-502
Referencias
https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html(psirt@bosch.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.