CVE-2025-3424

The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the "Object Marshalling" technique, which allows an attacker to read internal files without any authentication. This is possible by crafting specific .NET Remoting URLs derived from information enumerated in the client-side configuration files. This issue affects IntelliSpace Portal: 12 and prior.

CVSS

No CVSS.

References

Link	Resource
https://www.cve.org/CVERecord?id=CVE-2025-3424
https://www.philips.com/a-w/security/security-advisories.html#security_advisories

Configurations

No configuration.

History

10 Apr 2025, 16:15

Type	Values Removed	Values Added
References		() https://www.philips.com/a-w/security/security-advisories.html#security_advisories -

08 Apr 2025, 18:14

Type	Values Removed	Values Added
Summary		(es) La aplicación de Intellispace Portal utiliza .NET Remoting para su funcionalidad. La vulnerabilidad surge de la explotación del puerto 755 mediante la técnica de "Object Marshalling", que permite a un atacante leer archivos internos sin autenticación. Esto es posible mediante la manipulación de URL específicas de .NET Remoting derivadas de la información enumerada en los archivos de configuración del cliente. Este problema afecta a IntelliSpace Portal: 12 y versiones anteriores.

07 Apr 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-07 16:15

Updated : 2025-04-10 16:15

NVD link : CVE-2025-3424

Mitre link : CVE-2025-3424

CVE.ORG link : CVE-2025-3424

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2025-3424", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "20705f08-db8b-4497-8f94-7eea62317651", "cvssData": {"Safety": "PRESENT", "version": "4.0", "Recovery": "USER", "baseScore": 7.7, "Automatable": "YES", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-04-07T16:15:27.703", "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2025-3424", "source": "20705f08-db8b-4497-8f94-7eea62317651"}, {"url": "https://www.philips.com/a-w/security/security-advisories.html#security_advisories", "source": "20705f08-db8b-4497-8f94-7eea62317651"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "20705f08-db8b-4497-8f94-7eea62317651", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "The IntelliSpace portal application utilizes .NET\nRemoting for its functionality. The vulnerability arises from the exploitation\nof port 755 through the \"Object Marshalling\" technique, which allows\nan attacker to read internal files without any authentication. This is possible\nby crafting specific .NET Remoting URLs derived from information enumerated in\nthe client-side configuration files.\n\n\n\n\n\n\n\nThis issue affects IntelliSpace Portal: 12 and prior."}, {"lang": "es", "value": "La aplicaci\u00f3n de Intellispace Portal utiliza .NET Remoting para su funcionalidad. La vulnerabilidad surge de la explotaci\u00f3n del puerto 755 mediante la t\u00e9cnica de \"Object Marshalling\", que permite a un atacante leer archivos internos sin autenticaci\u00f3n. Esto es posible mediante la manipulaci\u00f3n de URL espec\u00edficas de .NET Remoting derivadas de la informaci\u00f3n enumerada en los archivos de configuraci\u00f3n del cliente. Este problema afecta a IntelliSpace Portal: 12 y versiones anteriores."}], "lastModified": "2025-04-10T16:15:29.207", "sourceIdentifier": "20705f08-db8b-4497-8f94-7eea62317651"}