Deserialization Vulnerability in Samsung Data Management Server
CVE-2025-53078

9.8CRITICAL

Key Information:

Vendor: Samsung Electronics
Status: Data Management Server
Vendor: CVE Published:; 29 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-53078?

This vulnerability in Samsung's Data Management Server allows attackers to exploit deserialization of untrusted data, leading to unauthorized execution of arbitrary code. If successfully exploited, an attacker could manipulate the server's functionality, potentially compromising sensitive data and disrupting services.

Affected Version(s)

Data Management Server 2.0.0 < 2.3.13.1

Data Management Server 2.5.0.17 < 2.6.14.1

Data Management Server 2.7.0.15 < 2.9.3.6

References

https://security.samsungda.com/securityUpdates.html

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Noam Moshe of Claroty Team82

JSON