Cyber Resilience

CVE-2025-53078

Severity: High · Type: RCE

Published: 29 July 2025
Modified: 11 August 2025
KEV Added: not listed
Patch: vendor security updates published
CVSS Score v3.1: 8.0 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0114 (78.8th percentile)
Risk Priority: 17 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-53078 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Samsung Data Management Server Firmware. Its CVSS base score is 8.0 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 21.2% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

The vulnerability CVE-2025-53078 is a deserialization of untrusted data flaw (CWE-502) in Samsung DMS (Data Management Server). It permits attackers to execute arbitrary code on the affected system through unauthorized file writes.

Exploitation is possible over the network by an attacker who already holds high privileges; the attack has high complexity but requires no user interaction. Successful exploitation yields high impact to confidentiality, integrity, and availability, with a changed scope (the affected component can impact resources beyond its own security boundary).

Samsung has published security updates and related guidance at https://security.samsungda.com/securityUpdates.html. The EPSS score has remained flat: its peak and current value are both 0.0114, with no material rise observed.

Vulnerability details

Deserialization of Untrusted Data in Samsung DMS (Data Management Server) allows attackers to execute arbitrary code via a file write to the system.

CWE(s): CWE-502 Deserialization of Untrusted Data

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Deserialization RCE on network-accessible DMS server directly enables remote exploitation of a public-facing application for arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-53081 (same product: Samsung Data Management Server)
CVE-2025-53082 (same product: Samsung Data Management Server)
CVE-2025-52909 (same vendor: Samsung)
CVE-2026-20998 (same vendor: Samsung)
CVE-2026-20997 (same vendor: Samsung)
CVE-2025-54451 (same vendor: Samsung)
CVE-2025-54453 (same vendor: Samsung)
CVE-2025-62818 (same vendor: Samsung)
CVE-2025-54440 (same vendor: Samsung)
CVE-2025-54450 (same vendor: Samsung)

Affected Assets

Vendor: Samsung
Product: Data Management Server firmware
Affected versions: 2.0.0 to 2.3.13.1 · 2.5.0.17 to 2.6.14.1 · 2.7.0.15 to 2.9.3.6

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly mitigates the CVE by requiring identification, reporting, and correction of the deserialization flaw through vendor patches from Samsung advisories.

Prevent (SI-10 Information Input Validation): Prevents deserialization of untrusted data by validating information inputs at defined points to block malicious serialized payloads.

Prevent (SI-16 Memory Protection): Protects system memory from unauthorized code execution resulting from deserialization exploits via safeguards such as DEP and ASLR.