RCE in Spotfire Deployment Kit Used In Server
CVE-2025-3114
Code Execution via Malicious Files: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise. Sandbox Bypass Vulnerability: A flaw in t…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.005 (41.4th percentile) — read the EPSS interpretation.
Affected products
- Spotfire Deployment Kit Used In Server — versions 14, 14.1.0, 14.2.0
- Spotfire Analyst — versions 14, 14.1.0, 14.2.0
- Spotfire Desktop — versions 14
- Spotfire Enterprise Runtime For R — versions 6
- Spotfire Enterprise Runtime For R - Server Edition — versions 1, 1.18.0, 1.19.0
- Spotfire For Aws Marketplace — versions 14
- Spotfire Statistics Services — versions 14, 14.1.0, 14.2.0