Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Trimble Cityworks Deserialization Vulnerability Allowing Remote Code Execution

Vulnerability

A deserialization vulnerability has been identified in Trimble Cityworks versions prior to 15.8.9, as well as in Cityworks with Office Companion versions prior to 23.10. This vulnerability could enable an authenticated user to execute code remotely on a customer's Microsoft Internet Information Services (IIS) web server.

Impact

Exploitation of this vulnerability could allow an authenticated user to execute code remotely on the affected server.

Remediation

Users are advised to update to Trimble Cityworks version 15.8.9 or later, or to Cityworks 23.10. On-premises users should install the updated version immediately. Cityworks Online (CWOL) deployments will receive the update automatically. Additionally, users should review their Internet Information Services (IIS) identity permissions and attachment directory configurations to ensure they are set correctly.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.9
remediation: 7.7
relevance: 0.0
threat: 9.5
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.