Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

UA.Testclient

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-60036
Assigner-Robert Bosch GmbH
ShareView Details
Assigner-Robert Bosch GmbH
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.67%
||
7 Day CHG-0.04%
Published-18 Feb, 2026 | 14:02
Updated-24 Feb, 2026 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running the UA.Testclient.

Action-Not Available
Vendor-Bosch RexrothRobert Bosch GmbH
Product-rexroth_ua.testclientrexroth_indraworksIndraWorksUA.Testclient
CWE ID-CWE-502
Deserialization of Untrusted Data