CVE-2025-3425 HIGH

CVE-2025-3425: Unauthenticated Remote Code Execution via .NET Deserialization

Vendor Philips

Product IntelliSpace Portal

Weakness CWE-502 · Unsafe deserialization

Published April 7, 2025

Last update April 10, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Adjacent

Attack complexity High

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:Y/R:U/V:C/RE:M/U:Green

What the vulnerability does

01Description

The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is dangerous as it can potentially lead to remote code execution using deserialization. This issue affects IntelliSpace Portal: 12 and prior.

Key dates

02Disclosure timeline

April 7, 2025 CVE published

April 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-3425 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

CVE-2025-3425: Unauthenticated Remote Code Execution via .NET Deserialization

01Description

02Disclosure timeline

03References

04Related CVE