CISA is collaborating with private industry partners to meet the operating reports of a vulnerability (CVE-2025-0994) discovered by trimter impacting its CityWorks AMS server (asset management system). Trimble has published security updates and an opinion on a recently discovered vulnerability of deialization allowing an external player to carry out a remote code execution (RCE) compared to a Microsoft Internet Services web server (IIS).
Cisa added CVE-2025-0994 to its known vulnerability catalog, based on active operating evidence.
The CISA strongly encourages users and administrators to seek compromise indicators (IOC) and to apply the necessary updates and bypass solutions.
Review the following article for more information:
Symantec Threat's Hunter team, which is part of Broadcom, has contributed to these directives.
