CVE-2025-34153

216.73.217.22

· Published 13/08/2025 17:15 · Modified 13/08/2025 17:33

Labels: CVE-2025-34153 2025-08-13 CVE-2025-34153 CWE-502 [email protected]

Essential information

Published: 13/08/2025 17:15
Modified: 13/08/2025 17:33
Author: —
Creator: —
CVSS: 10.0 CRITICAL (v3) 10.0 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to unauthenticated remote code execution via insecure deserialization on the .NET Remoting TCP channel. The service registers a listener on port 6031 with the URI endpoint TimerServer, implemented in Hyland.Core.Timers.dll. This endpoint deserializes untrusted input using the .NET BinaryFormatter, allowing attackers to execute arbitrary code under the context of NT AUTHORITY\SYSTEM.

NVD status

Status: Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
hyland / onbase	`cpe:2.3:a:hyland:onbase:<17.0.2.87:::::::*`