CVE-2025-3425 | THREATINT

Description

The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed that the server had set the TypeFilterLevel to Full which is dangerous as it can potentially lead to remote code execution using deserialization. This issue affects IntelliSpace Portal: 12 and prior.

PUBLISHED Reserved 2025-04-07 | Published 2025-04-07 | Updated 2025-04-10 | Assigner Philips

HIGH: 7.3CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:Y/R:U/V:C/RE:M/U:Green

Problem types

CWE-502 Deserialization of Untrusted Data

Product status

Default status

unaffected

12 and prior

affected

Credits

Victor A Morales finder

Omar A Crespo finder

References

www.cve.org/CVERecord?id=CVE-2025-3425

www.philips.com/a-w/security/security-advisories.html

cve.org (CVE-2025-3425)

nvd.nist.gov (CVE-2025-3425)

Download JSON