Active Exploitation of Trimble Cityworks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding the ongoing exploitation of a critical vulnerability in Trimble Cityworks, a GIS-centric asset management software. This vulnerability, identified as CVE-2025-0994, poses significant risks to organizations utilizing this software.
Overview of the Vulnerability
CVE-2025-0994 is classified as a deserialization of untrusted data vulnerability, which allows attackers to execute remote code on affected systems. The vulnerability has been assigned a CVSS v4 score of 8.6, indicating a high level of severity.
Key Points
- Vulnerability Identifier: CVE-2025-0994
- CVSS v4 Score: 8.6 (High)
- Type: Deserialization of untrusted data
- Impact: Remote Code Execution (RCE)
- Active Exploitation: Confirmed in the wild
Recommendations
Organizations using Trimble Cityworks are urged to take immediate action to mitigate the risks associated with this vulnerability. Recommended steps include:
- Applying any available patches or updates from Trimble.
- Implementing network segmentation to limit exposure.
- Monitoring systems for unusual activity that may indicate exploitation attempts.
Conclusion
The active exploitation of CVE-2025-0994 highlights the importance of maintaining up-to-date software and implementing robust security measures. Organizations should prioritize addressing this vulnerability to protect their systems and data from potential attacks.




