Philips IntelliSpace Portal .NET Deserialization RCE (CVE-2025-3425)

## Critical Vulnerability Information - **CVE ID**: CVE-2025-3425 - **Release Date**: 2025-04-07 - **Update Date**: 2025-04-07 - **Title**: Unauthenticated Remote Code Execution Via .NET Deserialization - **Description**: - IntelliSpace portal application uses .NET Remoting for its functionality. - Vulnerability arises from exploitation of port 755 through deserialization vulnerability. - Server had set the TypeFilterLevel to Full, which can lead to remote code execution using deserialization. - Affects IntelliSpace Portal: 12 and prior. - **CWE**: CWE-502: Deserialization of Untrusted Data - **CVSS**: - Score: 7.3 - Severity: HIGH - Version: 4.0 - Vector String: CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N - **Affected Products**: - Vendor: Philips - Product: IntelliSpace Portal - Affected Versions: 12 and prior - **Discoverers**: - Victor A Morales - Omar A Crespo - **References**: - https://www.cve.org/CVERecord?id=CVE-2025-3425

Goal Reached Thanks to every supporter — we hit 100%!

Philips IntelliSpace Portal .NET Deserialization RCE (CVE-2025-3425)