Tal Sheinfeld

**Name of the Vulnerable Software and Affected Versions** SVI MS Management System versions all **Description** The issue is related to insecure deserialization of user-supplied content in the Java Remote Management Interface, allowing attackers to execute arbitrary code via a crafted serialized Java object. This can be exploited by a remote attacker. **Recommendations** For all versions, consider disabling the Java Remote Management Interface until a patch is available to prevent exploitation. Restrict access to the interface to minimize the risk of arbitrary code execution. Avoid using user-supplied content in the interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.