Remote Code Execution Vulnerability in Microsoft High Performance Compute Pack
CVE-2025-55232

9.8CRITICAL

Key Information:

Vendor: Microsoft
Status: Microsoft HPc Pack 2019
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-55232?

A deserialization vulnerability in Microsoft High Performance Compute Pack allows unauthorized attackers to execute remote code by manipulating untrusted data. This security issue emphasizes the importance of validating data inputs to ensure that unauthorized commands cannot be executed over the network, which could potentially lead to severe compromise of the system.

Affected Version(s)

Microsoft HPC Pack 2019 Unknown 1.0.0 < 6.3.8352 Quick Fix QFE

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Aug 11, 2025

JSON