Deserialization in Philips Intellispace Portal
CVE-2025-3425
The IntelliSpace portal application utilizes .NET Remoting for its functionality. The vulnerability arises from the exploitation of port 755 through the deserialization vulnerability. After analyzing the configuration files, we observed th…
Vulnerability class: Insecure Deserialization
EPSS: 0.003 (21.6th percentile) — read the EPSS interpretation.
Affected products
- Philips Intellispace Portal — versions 12 and prior
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2025-3425?
- CVE-2025-3425 is a vulnerability in Philips Intellispace Portal, classified under Deserialization of Untrusted Data. Published 2025-04-07.
- Is CVE-2025-3425 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.