← Back to CVEs
CVE-2025-7916
CRITICAL9.8
Description
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published7/21/2025
Last Modified7/22/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-502
References
https://www.twcert.org.tw/en/cp-139-10257-e88f3-2.html(twcert@cert.org.tw)
https://www.twcert.org.tw/tw/cp-132-10256-14d55-1.html(twcert@cert.org.tw)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.