CVE-2022-36119
Description
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for a domain authenticated user to send a crafted message to the Blue Prism Server and accomplish a remote code execution attack that is possible because of insecure deserialization. Exploitation of this vulnerability allows for code to be executed in the context of the Blue Prism Server service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Insecure deserialization in Blue Prism Enterprise 6.0–7.01 allows domain-authenticated users to achieve remote code execution via crafted messages.
Vulnerability
An insecure deserialization vulnerability exists in Blue Prism Enterprise versions 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application Server, a domain-authenticated user can send a crafted message to the server, leading to remote code execution. The issue is due to improper handling of serialized data during message processing [2].
Exploitation
Exploitation requires the attacker to be authenticated to the Active Directory domain and the Blue Prism Application Server to be exposed in an insecure network configuration. The attacker sends a specially crafted serialized object to the server, which is deserialized without proper validation, enabling arbitrary code execution. The attack depends on several complex prerequisites, including the absence of recommended Blue Prism Robotic Operating Model (ROM) practices such as logical network segmentation and access restrictions [2].
Impact
Successful exploitation allows code execution in the context of the Blue Prism Server service. This could lead to full compromise of the server, including data disclosure, modification, and potential lateral movement within the network. The impact is rated as critical, though exploitation probability is low due to the required conditions [2].
Mitigation
Blue Prism has released patches for versions 6.4 and later, integrated into version 7.1, which is available for download. Customers should upgrade to the latest supported version. For versions prior to 6.4, no patch is available and upgrading is necessary. Additionally, implementing Blue Prism ROM practices, such as placing platform components in a logically secured network and restricting access to approved devices, reduces the attack surface. Cloud customers are not affected [2].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Blue Prism / Blue Prism Enterprise
- Range: >=6.0, <=7.01
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- blueprism.com
- community.blueprism.com/discussion/security-vulnerability-notification-ssc-blue-prism-enterprise
- portal.blueprism.com/security-vulnerabilities-august-2022
News mentions
No linked articles in our index yet.