Primary

Context

intra-mart Accel Platform IM-LogicDesigner Untrusted Data Deserialization Vulnerability Allowing Remote Code Execution

Vulnerability

A vulnerability exists in the IM-LogicDesigner module of the intra-mart Accel Platform, specifically in versions 2017 Spring through 2025 Autumn. This vulnerability involves the insecure deserialization of untrusted data, which can be exploited to execute arbitrary code. The issue arises when a crafted file is imported by a user with administrative privileges.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the server.

Remediation

Patches have been released for all affected versions. Instructions for applying the patch can be found in the intra-mart Accel Platform Set up guide. For environments using Accel-Mart Quick or DPS for Sales Cloud, the patch has already been applied. For intra-mart Accel Platform for LGWAN, the patch will be applied during the maintenance on February 27, 2026.

Added: Feb 27, 2026, 8:19 AM

Updated: Feb 27, 2026, 2:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

intra-mart Accel Platform IM-LogicDesigner Untrusted Data Deserialization Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating