← Retour aux CVEs
CVE-2025-60037
HIGH7.8
Description
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks.
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie2/18/2026
Derniere modification2/24/2026
Sourcenvd
Observations honeypot0
Produits affectes
bosch:rexroth_indraworks
Faiblesses (CWE)
CWE-502
References
https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html(psirt@bosch.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.