CVE-2025-50572

HIGH

RSA Archer 6.11.00204.10014 - Remote Code Execution via CSV Formula Injection

Title source: llm

Description

Archer 6.11.00204.10014 allows attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications. NOTE: the Supplier does not accept this as a valid vulnerability report against their product.

References (4)

Core 4

Core References

Various Sources

http://archer.com

Various Sources

http://rsa.com

Various Sources

https://github.com/shorooq-hummdi/Archer-csv-injection-command-exec/blob/main/README.md

View Writeup ZIP pw:eip

Various Sources

https://www.archerirm.community/s/blogs/formula-injection-into-csv-files-vulnerability-in-rsa-archer-6-1-x-and-higher-MCOCQFO3WCQBCCHMKNC74JGSFWQY

Scores

CVSS v3 8.8

EPSS 0.0042

EPSS Percentile 33.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-1236

Status published

Published Jul 31, 2025

Tracked Since Feb 18, 2026