Deserialization Vulnerability in FreeScout Help Desk by FreeScout
CVE-2025-54366
What is CVE-2025-54366?
CVE-2025-54366 is a critical deserialization vulnerability discovered in FreeScout, an open-source help desk and shared inbox application built using the PHP Laravel framework. This vulnerability affects versions 1.8.185 and earlier and poses a serious threat to organizations that rely on FreeScout for customer support and communication. The flaw lies in the insecure handling of POST parameters within the application's /conversation/ajax endpoint, specifically during the processing of attachment-related inputs using the Helper::decrypt() function. Due to improper validation, this can allow authenticated users, who have knowledge of the APP_KEY, to exploit the vulnerability and achieve remote code execution. As a result, attackers could manipulate application objects and properties, leading to a complete compromise of the FreeScout system. Organizations utilizing these vulnerable versions are encouraged to upgrade to version 1.8.186 to close the security gap.
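As an added illustration of the bug class the description refers to (this is not FreeScout's code and not the actual 1.8.186 patch), the Laravel-style snippet below places a helper that decrypts a request parameter and trusts the resulting object beside a hardened version: Crypt::decrypt() unserializes the plaintext by default, whereas decryptString() followed by JSON parsing never instantiates a PHP object from request data. The function names decryptUnsafe and decryptAttachmentIds are hypothetical.

```php
<?php
// Added example, not FreeScout's code. Laravel's Crypt::decrypt() runs
// unserialize() on the decrypted plaintext by default, so anyone who can
// produce a valid ciphertext (i.e. who knows APP_KEY) can hand the
// application an arbitrary serialized PHP object.

use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Support\Facades\Crypt;

// Hypothetical "before": decrypt a POST parameter and use whatever comes out.
function decryptUnsafe(string $ciphertext)
{
    // Second argument $unserialize defaults to true, so the plaintext is
    // passed straight to unserialize() and any class can be instantiated.
    return Crypt::decrypt($ciphertext);
}

// Hypothetical "after": decrypt to a string only, then parse it as JSON and
// validate the shape, so no PHP object is ever built from request data.
function decryptAttachmentIds(string $ciphertext): array
{
    try {
        // decryptString() is decrypt($payload, false): no unserialize() call.
        $plain = Crypt::decryptString($ciphertext);
    } catch (DecryptException $e) {
        abort(422, 'Invalid attachment token');
    }

    $ids = json_decode($plain, true);
    // Accept only a plain list of integers (the constructed expected shape
    // for attachment ids); reject objects, nested data and non-integer values.
    if (!is_array($ids) || $ids !== array_values(array_filter($ids, 'is_int'))) {
        abort(422, 'Invalid attachment token');
    }
    return $ids;
}
```

Because a valid ciphertext can only be produced with APP_KEY, a key that may have been exposed should be rotated alongside the upgrade, which also invalidates any previously crafted tokens.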
Potential impact of CVE-2025-54366
- Remote Code Execution: The most significant impact of this vulnerability is that it allows authenticated users to execute arbitrary code on the server. This capability can give attackers complete control over the affected FreeScout instance, enabling them to manipulate system functions, access sensitive data, and potentially spread their malicious activities throughout the organization's network.
- Data Breaches: With the potential for remote code execution, attackers may gain unauthorized access to sensitive customer information stored within the FreeScout system. This could lead to severe data breaches, exposing personally identifiable information (PII) and potentially resulting in compliance issues and reputational damage for the organization.
- Compromise of Availability: By exploiting this vulnerability, threat actors might disrupt the availability of the FreeScout application, hindering customer service operations. This disruption can affect the organization's ability to respond to customer inquiries effectively, leading to a breakdown in communication and a negative impact on customer satisfaction and trust.
Affected Version(s)
freescout < 1.8.186
