CVE-2025-31932 | THREATINT

Description

Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is exploited, an arbitrary code is executed on the Management Console. The vendor provides the workaround information and recommends to apply it to the deployment environment.

PUBLISHED Reserved 2025-04-02 | Published 2025-04-11 | Updated 2025-04-11 | Assigner jpcert

HIGH: 8.8CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

Deserialization of untrusted data

Product status

all versions

affected

References

knowledge.bizrobo.com/hc/ja/articles/39951710517145

knowledge.bizrobo.com/hc/ja/articles/39952052043289

knowledge.bizrobo.com/hc/ja/articles/39953373809305

knowledge.bizrobo.com/hc/ja/articles/360029772271

jvn.jp/en/jp/JVN30641875/

cve.org (CVE-2025-31932)

nvd.nist.gov (CVE-2025-31932)

Download JSON