CVE-2025-54449
Published: 23 July 2025
Summary
CVE-2025-54449 is a critical-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Samsung MagicINFO 9 Server. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 35.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-54449 is an Unrestricted Upload of File with Dangerous Type vulnerability (CWE-434) in Samsung Electronics MagicINFO 9 Server. It enables code injection and affects versions prior to 21.1080.0. The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for high-impact remote exploitation.
Attackers can exploit this vulnerability remotely over the network with low complexity, requiring no authentication, privileges, or user interaction. Successful exploitation allows arbitrary code injection, potentially resulting in high confidentiality, integrity, and availability impacts, such as full system compromise on affected MagicINFO 9 Server instances.
The vulnerability description names 21.1080.0 as the first fixed version, so the primary remediation is to upgrade MagicINFO 9 Server to 21.1080.0 or later. For further mitigation details, refer to the Samsung security advisory at https://security.samsungtv.com/securityUpdates.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22411
Vulnerability details
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection. This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CWE(s): CWE-434 (Unrestricted Upload of File with Dangerous Type)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
Why these techniques?
Unrestricted file upload (CWE-434) on a public-facing server directly enables remote code execution without authentication, mapping to exploitation of public-facing applications.
Affected Assets
- Samsung MagicINFO 9 Server, versions prior to 21.1080.0
Mitigating Controls (NIST 800-53 r5)
SI-2 requires timely remediation of identified flaws, such as patching MagicINFO 9 Server to version 21.1080.0 or later, directly eliminating the unrestricted file upload vulnerability.
SI-10 mandates information input validation at file upload points to reject dangerous file types and prevent code injection in MagicINFO 9 Server.
SI-9 (Information Input Restrictions) is withdrawn in NIST 800-53 r5, with its content incorporated into AC-2, AC-3, AC-5 and AC-6, so it should not be cited as a live control. The allow-listing of safe file extensions attributed to it here belongs to SI-10 input validation at the upload handler; the access-control controls it was folded into (in particular AC-3 and AC-6) apply by limiting which principals can reach the upload endpoint at all.
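As an added illustration of the SI-10 input-validation control and the extension allow-listing described above (example code written for this page, not code from Samsung or from MagicINFO, whose upload handler is not shown here), the block below contrasts an upload handler that trusts the client-supplied file name with one that enforces an extension allow-list, checks the file content against the claimed type, and picks its own storage name. The permitted types, size limit, store directory and sample payloads are assumptions made for the example.

```python
"""Upload validation in the style NIST 800-53 SI-10 asks for.

Added example for this page; not Samsung's or MagicINFO's code. The allowed
types, size limit, store directory and sample payloads below are assumptions.
"""
import posixpath
import re
import secrets

# Assumed deployment: the application only ever needs image uploads, and the
# store sits outside the web root so nothing uploaded is ever served as code.
STORE_DIR = "/var/lib/app/uploads"
MAX_BYTES = 10 * 1024 * 1024

# Allow-list: permitted extension -> magic-byte prefixes the content must carry.
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
}

# Constructed sample inputs (not real captures): a minimal PNG header and a
# JSP-style payload of the kind an attacker would try to drop on a server.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SAMPLE_JSP = b'<% Runtime.getRuntime().exec(request.getParameter("c")); %>'


class UploadRejected(ValueError):
    """Raised for any upload that fails validation."""


def naive_destination(client_filename: str) -> str:
    """The CWE-434 pattern: the client name decides both type and location.

    A name such as '../../../../var/www/shell.jsp' lands outside STORE_DIR
    and, if that directory is served, becomes executable server-side code.
    """
    return posixpath.normpath(posixpath.join(STORE_DIR, client_filename))


def validate_upload(client_filename: str, data: bytes) -> str:
    """Return a server-chosen storage name, or raise UploadRejected.

    All checks must pass: size bound, allow-listed final extension, content
    matching the claimed type. The client's name never reaches the disk.
    """
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    # Drop any directory component; split on both separators so a
    # Windows-style '..\\..\\' prefix is discarded as well.
    base = re.split(r"[\\/]", client_filename)[-1].lower()
    # Only the final suffix counts: 'shell.png.jsp' -> '.jsp' is rejected,
    # 'shell.jsp.png' -> '.png' passes here but fails the content check.
    ext = posixpath.splitext(base)[1]
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match the claimed type")
    # Random server-chosen name: no client-controlled byte is used in the path.
    return secrets.token_hex(16) + ext


def is_inside(store_dir: str, path: str) -> bool:
    """True if the normalized path stays within store_dir."""
    store_dir = posixpath.normpath(store_dir)
    return posixpath.commonpath([store_dir, posixpath.normpath(path)]) == store_dir


def safe_destination(client_filename: str, data: bytes) -> str:
    """Validated upload -> absolute path inside STORE_DIR (defence in depth)."""
    dest = posixpath.join(STORE_DIR, validate_upload(client_filename, data))
    if not is_inside(STORE_DIR, dest):
        raise UploadRejected("storage path escaped the upload directory")
    return dest


def rejects(client_filename: str, data: bytes) -> bool:
    """Helper for the checks below: True when the upload is refused."""
    try:
        validate_upload(client_filename, data)
    except UploadRejected:
        return True
    return False


if __name__ == "__main__":
    print("naive:", naive_destination("../../../../var/www/shell.jsp"))
    print("safe :", safe_destination("../../../../var/www/logo.png", SAMPLE_PNG))
    for name, payload in [("shell.jsp", SAMPLE_JSP), ("shell.png.jsp", SAMPLE_PNG),
                          ("shell.jsp.png", SAMPLE_JSP)]:
        print(f"{name}: rejected={rejects(name, payload)}")
```

The three rejected cases are the ones a deny-list handler typically misses: a bare server-side script extension, a double extension where the last suffix is the dangerous one, and a script body hiding behind an allowed extension. Checking the final suffix against an allow-list, confirming the content's magic bytes, and never letting the client name reach the filesystem closes all three, and keeping the store outside the web root means that even a check bypass leaves nothing the server will execute.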