The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw affecting Trimble Cityworks, a GIS-centric asset management software, is being actively exploited in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4: 8.6), a deserialization of untrusted data bug that could allow an attacker to conduct remote code execution.
“This can allow authenticated users to perform code execution against a customer's Microsoft Internet Information Services (IIS),” CISA noted in an advisory dated February 6, 2025.
The flaw affects the following versions:
- Cityworks (all versions up to 15.8.9)
- Cityworks with Office Companion (all versions up to 23.10)
While Trimble released patches to resolve the security defect as of January 29, 2025, CISA warns that it is being weaponized in real-world attacks.
The company, which is headquartered in Colorado, also noted that it received reports of “unauthorized attempts to access the deployment of Cityworks”.
Indicators of compromise (IoCs) released by Trimble indicate that the vulnerability is being used to drop VShell, among other unspecified payloads.
It is currently unknown who is behind the attacks and what the ultimate goal of the campaign is. Users running affected versions of the software are advised to update their instances to the latest version for optimal protection.