Severity by source
AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
AnalysisAI
CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows authenticated users to execute arbitrary code on affected systems. The flaw affects users with valid credentials who can access the affected service over an adjacent network segment, potentially compromising confidentiality, integrity, and availability across trust boundaries. While specific product details are limited in the provided data, this represents a high-severity risk requiring immediate patching, particularly if actively exploited or if public proof-of-concept code exists.
Technical ContextAI
This vulnerability is rooted in CWE-502 (Deserialization of Untrusted Data), indicating the communication protocol likely deserializes data without proper validation, allowing authenticated attackers to inject malicious payloads. The protocol appears to operate at the application layer between networked clients and servers. The flaw exists despite authentication requirements, suggesting the vulnerability bypasses or exploits trust assumptions in the authenticated communication channel. Without CPE data provided, the exact products affected cannot be determined; however, organizations should audit communication protocols in their infrastructure that handle serialized data from authenticated users, particularly those using Java serialization, pickle, YAML parsing, or similar deserialization mechanisms.
RemediationAI
Without vendor advisory links or patch version numbers in the provided data, general remediation guidance is: (1) Apply vendor-supplied security patches immediately when released—monitor vendor security pages for CVE-2025-30023 updates; (2) If patching is delayed, implement network segmentation to restrict client-server communication to authorized network segments only; (3) Enforce strong authentication and monitor for unusual account activity or authentication from unexpected network locations; (4) Disable or restrict the affected communication protocol if possible until patches are deployed; (5) Implement input validation and serialization controls at the application layer if protocol-level fixes are unavailable; (6) Review application logs for suspicious deserialization events or unexpected object instantiation. Vendors should provide specific patch versions and deployment timelines in their security advisories.
More in Camera Station
View allCVE-2025-30026 is a critical authentication bypass vulnerability in AXIS Camera Station Server that allows unauthenticat
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated
Same weakness CWE-502 – Deserialization of Untrusted Data
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-21112