Home

Description

Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with SOAP and binary formatters configured at TypeFilterLevel=Full and exposes default ObjectURI endpoints. A remote, unauthenticated attacker who can reach the remoting port can invoke the exposed remoting objects to read arbitrary files from the server and coerce outbound authentication, and may achieve arbitrary file write and remote code execution via known .NET Remoting exploitation techniques. This can lead to disclosure of sensitive installation and service-account data and compromise of the affected host.

PUBLISHED Reserved 2025-04-15 | Published 2025-12-09 | Updated 2025-12-09 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-502 Deserialization of Untrusted Data

CWE-306 Missing Authentication for Critical Function

Product status

Default status
unaffected

5.x
affected

6.0 (semver) before 6.10.5
affected

6.0 (semver) before 6.11.1
affected

Credits

Victor A. Morales of GM Sectec, Corp. finder

References

www.entrust.com/...s/issuance-systems/instant/financial-card product

www.entrust.com/knowledgebase product

www.vulncheck.com/...g-unauthenticated-net-remoting-exposure third-party-advisory

cve.org (CVE-2025-34414)

nvd.nist.gov (CVE-2025-34414)

Download JSON