A critical-severity vulnerability has been discovered in the Bitdefender GravityZone Console, posing a significant risk to affected systems. The flaw, tracked as CVE-2025-2244 (CVSSv4 9.5), is an insecure PHP deserialization issue. The vulnerability resides within the sendMailFromRemoteSource method in Emails.php. The Bitdefender GravityZone Console “unsafely uses php unserialize() on user-supplied input without validation“. This lack of […]
The post Bitdefender GravityZone Console Hit by Critical PHP Deserialization Vulnerability appeared first on Daily CyberSecurity.