ZDI-26-109 HIGH 7.8 Published Feb 19, 2026

Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

Bosch

A high-severity remote code execution vulnerability (CVE-2025-60035) has been identified in Bosch Rexroth IndraWorks. It allows attackers to execute arbitrary code if a user interacts with malicious content, such as visiting a compromised website or opening a malicious file. Security teams should immediately patch affected installations and educate users to avoid clicking suspicious links or opening untrusted files, as user interaction remains the primary attack vector. Given the CVSS score of 7.8, this vulnerability should be prioritized for remediation in environments where IndraWorks is deployed.
