KEVIntel
CVSS 8.6 (High)

CVE-2025-0994

PUBLISHED


Exploited in the wild · PoC available · Remote · Low complexity · No user interaction

Vendor: Trimble
Product: Cityworks, Cityworks (with office companion)
Published: Feb 06, 2025
EPSS

Description

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server.

cisa

CVSS scores

CVSS v4.0 8.6 High

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Exploitation status

Exploited in the wild

Recorded 2025-02-07 00:00:00 UTC · Source

Proof of concept available

Recorded 2025-02-07 14:13:08 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Feb 07, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

rxerium/CVE-2025-0994

github · Created 2025-02-07 14:13:08 UTC · 4 stars

Cityworks deserialization of untrusted data vulnerability Detection

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Proof of Concept Exploit Available