
Mrwq

#22692 of 53,634
10 Total CVSS
Vulnerabilities · 1
PT-2025-27626
10
2023-07-27
Fastjson · Fastjson · CVE-2025-34067
**Name of the Vulnerable Software and Affected Versions**

Hikvision Integrated Security Management Platform (affected versions not specified)

**Description**

A critical issue exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The `/bic/ssoService/v1/applyCT` API endpoint deserializes untrusted user input, enabling an attacker to trigger Fastjson's auto-type feature and load arbitrary Java classes. By referencing a malicious class through an LDAP URL, an attacker can achieve remote code execution on the underlying system. The Shadowserver Foundation observed exploitation evidence on 2025-02-05 UTC.

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.