← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-0994 — Actively Exploited: Cityworks (Trimble)

Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.

CVE IDCVE-2025-0994
VendorTrimble
ProductCityworks
Vulnerability nameTrimble Cityworks Deserialization Vulnerability
Date added2025-02-07
Remediation due2025-02-28
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionTrimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →