b2b-daily
Home | IT | Cyber Security

CISA Warns of Active Exploits Targeting Trimble Cityworks Software Flaw

Avatar photo
by Bairon McAdams
February 10, 2025
CISA Warns of Active Exploits Targeting Trimble Cityworks Software Flaw
Article Highlights
Off On

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding an actively exploited vulnerability in Trimble Cityworks, a GIS-centric asset management software. This vulnerability, identified as CVE-2025-0994, is a deserialization of untrusted data flaw that holds a CVSS v4 score of 8.6, allowing remote code execution by authenticated users on Microsoft’s IIS web server.

The vulnerability affects all versions of Cityworks prior to 15.8.9, as well as Cityworks with office companion versions before 23.10. In response to the identified risk, Trimble released patches aimed at fixing this vulnerability on January 29, 2025.

Despite these updates, CISA has reported continuous exploitation attempts targeting specific Cityworks deployments. Investigations reveal that these exploitation attempts involve a Rust-based loader deploying Cobalt Strike and a Go-based remote access tool named VShell, along with other unidentified payloads, thus emphasizing the critical nature of the problem.

CISA has added CVE-2025-0994 to its Known Exploited Vulnerabilities catalog, underscoring the necessity for Federal Civilian Executive Branch agencies to address and remediate this flaw by February 28, 2025. Users and administrators of the affected software versions are strongly urged to apply the necessary updates without delay. Additionally, they should actively search for indicators of compromise (IoCs) to ensure their systems are not already affected.

The advisory issued by CISA highlights the imperative of keeping software updated as a primary measure to mitigate the risks associated with known vulnerabilities. This is particularly crucial for those that are actively exploited in real-world attacks, like the one currently targeting Trimble Cityworks. Cybersecurity professionals and users must adopt a vigilant stance, prioritizing the application of patches and continuous monitoring for any signs of compromise. By doing so, they can effectively protect their systems and data from the ever-evolving landscape of cyber threats. As the situation evolves, staying informed and responsive remains essential for those aiming to maintain robust cybersecurity defenses.

Risk Management

Explore more

Is Windows 11 Becoming the Ultimate Developer Platform?
June 12, 2026

The traditional rivalry between operating systems has shifted from a simple battle of market shares to a sophisticated competition over which environment provides the most seamless experience for the people who actually build the modern web. At the Microsoft Build 2026 conference, the tech giant signaled a major shift in how Windows 11 serves the engineering community, moving beyond consumer-facing

Why Use Local AI to Refine Your Cloud Prompts?
June 12, 2026

Advanced practitioners in the field of artificial intelligence are rapidly moving away from the simplistic habit of relying on a single cloud-based chatbot for every creative or technical requirement, opting instead for a sophisticated multi-tiered workflow. Rather than sending every query directly to premium cloud services, users are increasingly utilizing local models as preliminary assistants to address the inherent flaws

Can UiPath Bridge the Gap Between AI Hype and Execution?
June 12, 2026

The enterprise automation landscape is currently witnessing a paradoxical struggle where technical brilliance and high-value software solutions are clashing with a skeptical investment community that demands immediate monetization of artificial intelligence. While the sector has long been synonymous with Robotic Process Automation, the shift toward generative AI has forced a re-evaluation of long-term market dominance. Investors are no longer captivated

Google Merges Display Ads and Demand Gen for Small Businesses
June 12, 2026

Navigating the increasingly complex ecosystem of digital advertising has long remained a significant barrier for small business owners who lack dedicated marketing departments. Google has addressed this challenge by streamlining its promotional ecosystem through the integration of traditional Display Ads with the more dynamic Demand Gen campaigns. This strategic shift reflects a broader industry trend toward AI-driven automation, where the

Is Your Front Desk the Newest Weak Link in Cybersecurity?
June 12, 2026

As sophisticated digital defenses become increasingly difficult for hackers to bypass, the physical reception area has emerged as a surprisingly effective entry point for those seeking unauthorized access to corporate networks. While cybersecurity teams spend millions on firewalls and advanced encryption, a visitor with a simple clipboard and a plausible back story can often walk past the most expensive security