← Back to CVEs
CVE-2025-60038
HIGH7.8
Description
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks.
CVE Details
CVSS v3.1 Score7.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published2/18/2026
Last Modified2/24/2026
Sourcenvd
Honeypot Sightings0
Affected Products
bosch:rexroth_indraworks
Weaknesses (CWE)
CWE-502
References
https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html(psirt@bosch.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.