Deserialization in Opentext, Inc Rightfax

CVE-2025-15610

The .NET Remoting framework used by OpenText Fax (RightFax) includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible.

Vulnerability class: Insecure Deserialization

EPSS: 0.001 (20.4th percentile) — read the EPSS interpretation.

Affected products

Opentext, Inc Rightfax — versions 16.6, 20.2, 21.2

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

References

security@opentext.com