b2b-daily
Home | IT | Cyber Security

CISA Warns of Active Exploits Targeting Trimble Cityworks Software Flaw

Avatar photo
by Bairon McAdams
February 10, 2025
CISA Warns of Active Exploits Targeting Trimble Cityworks Software Flaw
Article Highlights
Off On

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding an actively exploited vulnerability in Trimble Cityworks, a GIS-centric asset management software. This vulnerability, identified as CVE-2025-0994, is a deserialization of untrusted data flaw that holds a CVSS v4 score of 8.6, allowing remote code execution by authenticated users on Microsoft’s IIS web server.

The vulnerability affects all versions of Cityworks prior to 15.8.9, as well as Cityworks with office companion versions before 23.10. In response to the identified risk, Trimble released patches aimed at fixing this vulnerability on January 29, 2025.

Despite these updates, CISA has reported continuous exploitation attempts targeting specific Cityworks deployments. Investigations reveal that these exploitation attempts involve a Rust-based loader deploying Cobalt Strike and a Go-based remote access tool named VShell, along with other unidentified payloads, thus emphasizing the critical nature of the problem.

CISA has added CVE-2025-0994 to its Known Exploited Vulnerabilities catalog, underscoring the necessity for Federal Civilian Executive Branch agencies to address and remediate this flaw by February 28, 2025. Users and administrators of the affected software versions are strongly urged to apply the necessary updates without delay. Additionally, they should actively search for indicators of compromise (IoCs) to ensure their systems are not already affected.

The advisory issued by CISA highlights the imperative of keeping software updated as a primary measure to mitigate the risks associated with known vulnerabilities. This is particularly crucial for those that are actively exploited in real-world attacks, like the one currently targeting Trimble Cityworks. Cybersecurity professionals and users must adopt a vigilant stance, prioritizing the application of patches and continuous monitoring for any signs of compromise. By doing so, they can effectively protect their systems and data from the ever-evolving landscape of cyber threats. As the situation evolves, staying informed and responsive remains essential for those aiming to maintain robust cybersecurity defenses.

Risk Management

Explore more

Ethereum Plans Major Glamsterdam Upgrade for Late 2026
June 18, 2026

Ethereum developers are currently finalizing the specifications for the Glamsterdam hard fork, which represents the next major milestone in the network’s ongoing evolution toward a more scalable and efficient global computer. This upcoming transition is not merely a routine update but a comprehensive overhaul of several critical components that have defined the network since its inception. By addressing long-standing technical

How Does Databricks CustomerLake Redefine the Agentic CDP?
June 18, 2026

The landscape of customer data management is currently undergoing a seismic transformation as the traditional boundaries between storage, analysis, and execution are being dismantled by the rise of the Data Intelligence Platform. For years, enterprises have struggled with the fragmentation tax, which represents the hidden cost of moving, cleaning, and syncing customer information across dozens of disconnected marketing clouds and

KDE Releases Plasma 6.7 with Per-Screen Virtual Desktops
June 18, 2026

The sheer complexity of contemporary digital workspaces often leads to a phenomenon where users feel overwhelmed by the literal lack of physical and virtual boundaries across their hardware. For years, the traditional approach to virtual desktops treated all connected displays as a singular, unified canvas, meaning that switching a workspace on one screen would force a transition on all others

Is the Fixed-Price AI Subscription Model Sustainable?
June 18, 2026

The rapid expansion of generative artificial intelligence has fundamentally transformed the digital landscape, yet the industry remains tethered to a subscription-based pricing model that may soon prove mathematically impossible to sustain. While the initial wave of adoption was fueled by the accessibility of flat-rate subscriptions, the underlying economics of massive compute clusters suggest a growing disconnect between user fees and

Will Agentic Automation Drive EMEA’s Autonomous Enterprise?
June 18, 2026

The transition from experimental artificial intelligence to deep-seated industrial application has reached a critical inflection point where simple task execution no longer suffices for the modern enterprise. As organizations across the Europe, Middle East, and Africa region navigate the complexities of a digital-first economy, the focus is pivoting toward Agentic Process Automation to bridge the gap between human intuition and