CVE-2025-60035

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running the OPC.Testclient.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:bosch:rexroth_indraworks:*:*:*:*:*:*:*:*

History

24 Feb 2026, 16:01

Type	Values Removed	Values Added
CPE		cpe:2.3:a:bosch:rexroth_indraworks::::::::
References	~~() https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html -~~	() https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html - Vendor Advisory
First Time		Bosch rexroth Indraworks Bosch

18 Feb 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-18 14:16

Updated : 2026-02-24 16:01

NVD link : CVE-2025-60035

Mitre link : CVE-2025-60035

CVE.ORG link : CVE-2025-60035

JSON object : View

Products Affected

bosch

rexroth_indraworks

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2025-60035", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@bosch.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-02-18T14:16:04.513", "references": [{"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-591522.html", "tags": ["Vendor Advisory"], "source": "psirt@bosch.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@bosch.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability\u00a0has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running the OPC.Testclient."}], "lastModified": "2026-02-24T16:01:33.200", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bosch:rexroth_indraworks:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B23F6D2-E822-4E76-808D-B110D6EA4E04", "versionEndExcluding": "15v24"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@bosch.com"}