cbcvebase.
CVE-2025-53078
published 2025-07-29

CVE-2025-53078: Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system

PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.38%
30.3th percentile
Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system

Affected

6 ranges
VendorProductVersion rangeFixed in
samsungdata_management_server_firmware>= 2.0.0 < 2.3.13.12.3.13.1
samsungdata_management_server_firmware>= 2.5.0.17 < 2.6.14.12.6.14.1
samsungdata_management_server_firmware>= 2.7.0.15 < 2.9.3.62.9.3.6
samsung_electronicsdata_management_server>= 2.0.0 < 2.3.13.12.3.13.1
samsung_electronicsdata_management_server>= 2.5.0.17 < 2.6.14.12.6.14.1
samsung_electronicsdata_management_server>= 2.7.0.15 < 2.9.3.62.9.3.6
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.