Deserialization in Quanos Solutions Gmbh Schema St4
CVE-2026-11857
Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service due to insecure deserialization in the .NET Remoting service. The service is configured with TypeFilterLevel.Full and is bound t…
Vulnerability class: Insecure Deserialization
Affected products
- Quanos Solutions Gmbh Schema St4 — versions SCHEMA ST4 on-premises, all versions