
CVE-2025-10363

Critical RCE

Published: 06 October 2025

Modified: 15 April 2026
CVSS v4 score: 10.0 (vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X)
EPSS score: 0.0212 (84.5th percentile)
Risk priority: 21 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-10363 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in a Topal Solutions AG product (the vendor is inferred from the references). Its CVSS base score is 10.0 (Critical).

Operationally, it is ranked in the top 15.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2025-10363 is a deserialization of untrusted data vulnerability, assigned CWE-502, that permits remote code execution. It affects Topal Solutions AG Topal Finanzbuchhaltung running on Windows, with the issue confirmed in version 10.1.5.20 and addressed in the 11.2.12.00 release.

Unauthenticated remote attackers can supply malicious serialized data over the network to trigger arbitrary code execution on the target system, achieving full compromise of confidentiality, integrity, and availability without any user interaction or credentials.

The vendor's release notes for version 11.2.12.00 document the fix, while the accompanying advisory from InfoGuard Labs details the unauthenticated remote code execution path and recommends immediate upgrade from affected releases. The associated EPSS score remains low and unchanged at 0.0191 with no observed upward trajectory after disclosure.


Vulnerability details

Deserialization of Untrusted Data vulnerability in Topal Solutions AG Topal Finanzbuchhaltung on Windows allows Remote Code Execution. This issue affects at least Topal Finanzbuchhaltung 10.1.5.20 and is fixed in version 11.2.12.00.


Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Topal Solutions AG (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-502: Penetration testing supplies malicious serialized objects, detecting unsafe deserialization and supporting corrective actions.

Addresses CWE-502: Evaluation of untrusted data handling (deserialization testing) reveals unsafe processing, which the required remediation process addresses.

Addresses CWE-502: Untrusted serialized data can be deserialized and observed inside the chamber, blocking gadget-chain exploitation outside the sandbox.

Addresses CWE-502: Validates or rejects untrusted serialized data before deserialization occurs.

Addresses CWE-502: Identifies and blocks malicious code introduced through deserialization of untrusted data at system boundaries.

Addresses CWE-502: Integrity verification of serialized information can detect tampering before deserialization occurs.

Addresses CWE-502: Provenance of associated data allows detection of untrusted sources before deserialization or processing occurs.
