SEAT Queue Ticket Kiosk Java RMI Registry deserialization_CVE-2025-10252

2.3 / 10

LOW

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of the component Java RMI Registry Handler. This manipulation causes deserialization. The attack can only be done within the local network. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-10252

Source VulDB

Published Sep 11, 2025 at 13:32

Affected Product

Vendor SEAT

Product Queue Ticket Kiosk

Version 20250827

Affected Versions SEAT Queue Ticket Kiosk 20250827

CWE Classification

CWE-502 CWE-20

References

{
    "lastseen": "",
    "description": "A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of the component Java RMI Registry Handler. This manipulation causes deserialization. The attack can only be done within the local network. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-09-11T13:32:04.989Z",
    "modified": "2025-09-11T13:32:04.989Z",
    "type": "cve",
    "title": "SEAT Queue Ticket Kiosk Java RMI Registry deserialization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.323612\nhttps://vuldb.com/?ctiid.323612\nhttps://vuldb.com/?submit.642598",
    "id": "CVE-2025-10252",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502",
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "SEAT Queue Ticket Kiosk 20250827",
    "sourceHref": "",
    "cvss": {
        "score": 2.3,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Queue Ticket Kiosk",
    "version": "20250827",
    "vendor": "SEAT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}