Remote Code Execution Vulnerability in WildFly and JBoss EAP
CVE-2025-2251

6.2MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Jboss Enterprise Application Platform 7; Red Hat Jboss Enterprise Application Platform 8; Red Hat Jboss Enterprise Application Platform Expansion Pack
Vendor: CVE Published:; 7 April 2025

Summary

A security vulnerability has been identified in WildFly and JBoss Enterprise Application Platform (EAP) related to the Enterprise JavaBeans (EJB) remote invocation mechanism. This issue arises from the mishandling of untrusted data during the deserialization process in JBoss Marshalling. An attacker can exploit this flaw by sending a specially crafted serialized object, which could enable remote code execution without the need for authentication, posing significant risk to affected systems.

References

https://access.redhat.com/security/cve/CVE-2025-2251

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2351678

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Mar 12, 2025

Credit

Red Hat would like to thank Pupi1 for reporting this issue.