Primary

Context

Samsung DMS Deserialization Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A deserialization vulnerability in Samsung Data Management Server (DMS) has been identified, allowing attackers to execute arbitrary code by writing files to the system. This issue affects DMS versions 2.9.3.5 to 2.7.0.15, 2.6.14.0 to 2.5.0.17, and 2.3.13.0 to 2.0.0.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Remediation

An official patch is available for this vulnerability.

Added: Jul 29, 2025, 5:26 AM

Updated: Jul 29, 2025, 5:26 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung DMS Deserialization Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating