PT-2025-16101 · Bizrobo! · Bizrobo!

Published

2025-04-11

Updated

2025-04-11

CVE-2025-31932

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: BizRobo! (affected versions not specified)

Description: A deserialization of untrusted data issue exists in BizRobo!. If this issue is exploited, an arbitrary code is executed on the Management Console. The vendor provides workaround information and recommends applying it to the deployment environment.

Recommendations: Apply the workaround provided by the vendor to the deployment environment. As a temporary workaround, consider restricting access to the Management Console until the issue is resolved. Avoid using untrusted data in the deserialization process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

RCE

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2025-31932

Affected Products

Bizrobo!

PT-2025-16101 · Bizrobo! · Bizrobo!

CVE-2025-31932

Weakness Enumeration

Related Identifiers

Affected Products

References · 10