Unrated severityNVD Advisory· Published Feb 18, 2026· Updated Feb 18, 2026
CVE-2025-60037
CVE-2025-60037
Description
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks.
Affected products
2- Bosch Rexroth/IndraWorksv5Range: all
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- psirt.bosch.com/security-advisories/BOSCH-SA-591522.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.