← Voltar para CVEs
CVE-2025-60037
HIGH7.8
Descricao
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks.
Detalhes CVE
Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado2/18/2026
Ultima modificacao2/24/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
bosch:rexroth_indraworks
Fraquezas (CWE)
CWE-502
Referencias
https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html(psirt@bosch.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.