CVE-2025-53078
HIGHSamsung Data Management Server Firmware >=2.0.0 <2.3.13.1 - Remote Code Execution via Untrusted Data Deserialization
Title source: llmDescription
Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system
References (1)
Core 1
Core References
Vendor Advisory
https://security.samsungda.com/securityUpdates.html
Scores
CVSS v3
8.0
EPSS
0.0114
EPSS Percentile
78.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-502
Status
published
Products (1)
samsung/data_management_server_firmware
2.0.0 - 2.3.13.1
Published
Jul 29, 2025
Tracked Since
Feb 18, 2026