CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE – The Hacker News

by [email protected] (The Hacker News) · February 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.
“This could –

CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE – The Hacker News

Leave a Reply Cancel reply

Recent Posts