Deserialization Vulnerability in OpenText RightFax for Windows
CVE-2025-15610

9.3CRITICAL

Key Information:

Vendor: Opentext, Inc
Status: Rightfax
Vendor: CVE Published:; 15 April 2026

🔔 Create Opentext, Inc Vulnerability Alert

What is CVE-2025-15610?

A deserialization vulnerability has been identified in OpenText RightFax for Windows, affecting both 64-bit and 32-bit versions. This vulnerability allows for object injection, potentially enabling attackers to exploit the application by manipulating untrusted data. Users are urged to secure their RightFax installations to prevent unauthorized access and ensure data integrity.

Affected Version(s)

RightFax Windows 16.6 <= 16.6 Update7136

RightFax Windows 20.2 <= 20.2 Update5705

RightFax Windows 21.2 <= 21.2.1.2678

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Mar 16, 2026

CVE-2025-15610 Data

JSON