CVE-2025-55232
published 2025-09-09

CVE-2025-55232: Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network.

Priority: P2 · 65 · critical · 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 1.92% (77.4th percentile)

Affected

3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | hpc_pack | < 6.3.8352 | 6.3.8352 |
| microsoft | microsoft_hpc_pack_2019 | >= 1.0.0 < 6.3.8352 Quick Fix QFE | 6.3.8352 Quick Fix QFE |
| msrc | microsoft_hpc_pack_2019 | | |

Detection & IOCs (extracted from sources)

Port: TCP 5999
  • Monitor for unsolicited inbound connections on TCP port 5999 to HPC Pack nodes, which is the attack surface for this deserialization RCE vulnerability.
  • Detect exploitation attempts as network-based deserialization of untrusted data reaching HPC Pack services — no user interaction is required, making any unexpected remote session on TCP/5999 from untrusted hosts suspicious.
  • Vulnerable versions: HPC Pack 2019 Update 2 and HPC Pack 2016. Fixed in HPC Pack 2019 Update 3 (Build 6.3.8328) + QFE patch (Build 6.3.8352). HPC Pack 2016 has no in-place fix and requires migration to 2019.
  • The vulnerability is triggered over the network without authentication or user interaction, meaning any HPC Pack node with TCP/5999 exposed beyond a trusted network perimeter is at immediate risk.

CVSS provenance

nvd · v3.1 · 9.8 · CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_msrc · 9.8 · CRITICAL