CVE-2025-2244 - Vulnerability Details - OpenCVE

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

No data.

No data.

No data.

References

Link	Providers
http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634

History

Fri, 04 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 04 Apr 2025 10:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.
Title		Insecure PHP deserialization issue in GravityZone Console (VA-12634)
Weaknesses		CWE-502
References		http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634
Metrics		cvssV4_0 `{'score': 9.5, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: Bitdefender

Published: 2025-04-04T09:52:48.684Z

Updated: 2025-04-04T14:26:11.160Z

Reserved: 2025-03-12T11:14:05.487Z

Link: CVE-2025-2244

Vulnrichment

Updated: 2025-04-04T14:26:06.449Z

NVD

Status : Awaiting Analysis

Published: 2025-04-04T10:15:16.580

Modified: 2025-04-07T14:18:15.560

Link: CVE-2025-2244

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2244", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "state": "PUBLISHED", "assignerShortName": "Bitdefender", "dateReserved": "2025-03-12T11:14:05.487Z", "datePublished": "2025-04-04T09:52:48.684Z", "dateUpdated": "2025-04-04T14:26:11.160Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "GravityZone Console", "vendor": "Bitdefender", "versions": [{"lessThan": "6.41.2-1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Nicolas Verdier (@n1nj4sec)"}], "datePublic": "2025-04-04T09:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in the <code>sendMailFromRemoteSource</code> method in <code>Emails.php</code>  as used in Bitdefender GravityZone Console unsafely uses <code>php unserialize()</code> on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system."}], "value": "A vulnerability in the\u00a0sendMailFromRemoteSource\u00a0method in Emails.php\u00a0 as used in Bitdefender GravityZone Console unsafely uses php unserialize()\u00a0on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system."}], "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 9.5, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502 \u2013 Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2025-04-04T09:52:48.684Z"}, "references": [{"url": "http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An automatic update to version 6.41.2-1 fixes the issue."}], "value": "An automatic update to version\u00a06.41.2-1 fixes the issue."}], "source": {"discovery": "EXTERNAL"}, "title": "Insecure PHP deserialization issue in GravityZone Console (VA-12634)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-04T14:25:40.859470Z", "id": "CVE-2025-2244", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-04T14:26:11.160Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2244", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-04T14:25:40.859470Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-04T14:26:06.449Z"}}], "cna": {"title": "Insecure PHP deserialization issue in GravityZone Console (VA-12634)", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Nicolas Verdier (@n1nj4sec)"}], "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Bitdefender", "product": "GravityZone Console", "versions": [{"status": "affected", "version": "0", "lessThan": "6.41.2-1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "An automatic update to version\u00a06.41.2-1 fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "An automatic update to version 6.41.2-1 fixes the issue.", "base64": false}]}], "datePublic": "2025-04-04T09:00:00.000Z", "references": [{"url": "http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the\u00a0sendMailFromRemoteSource\u00a0method in Emails.php\u00a0 as used in Bitdefender GravityZone Console unsafely uses php unserialize()\u00a0on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability in the <code>sendMailFromRemoteSource</code> method in <code>Emails.php</code>  as used in Bitdefender GravityZone Console unsafely uses <code>php unserialize()</code> on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502 \u2013 Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2025-04-04T09:52:48.684Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2244", "state": "PUBLISHED", "dateUpdated": "2025-04-04T14:26:11.160Z", "dateReserved": "2025-03-12T11:14:05.487Z", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "datePublished": "2025-04-04T09:52:48.684Z", "assignerShortName": "Bitdefender"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the\u00a0sendMailFromRemoteSource\u00a0method in Emails.php\u00a0 as used in Bitdefender GravityZone Console unsafely uses php unserialize()\u00a0on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00e9todo sendMailFromRemoteSource de Emails.php, utilizado en Bitdefender GravityZone Console, utiliza de forma insegura la funci\u00f3n php unserialize() en la entrada proporcionada por el usuario sin validaci\u00f3n. Al manipular un payload serializado malicioso, un atacante puede activar la inyecci\u00f3n de objetos PHP, escribir en un archivo y ejecutar comandos arbitrarios en el sistema host."}], "id": "CVE-2025-2244", "lastModified": "2025-04-07T14:18:15.560", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.5, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}, "published": "2025-04-04T10:15:16.580", "references": [{"source": "cve-requests@bitdefender.com", "url": "http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "cve-requests@bitdefender.com", "type": "Primary"}]}