Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HSamsung Data Management Server
HWSamsungwszystkie wersjeSamsung Data Management Server Firmware
OSSamsung2.0.0 – 2.3.13.1 (bez)2.5.0.17 – 2.6.14.1 (bez)2.7.0.15 – 2.9.3.6 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEDeserialization
CWE
Related vulnerabilities
CVE-2025-53080HIGH7.1ten sam produkt
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management ...
CVE-2010-4284HIGH7.5ten sam produkt
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Ser...
CVE-2025-53077MEDIUM6.5ten sam produkt
An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functio...
CVE-2025-53079MEDIUM4.9ten sam produkt
Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) t...
CVE-2025-53081MEDIUM6.4ten sam produkt
An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files...