Cybersecurity Alerts

Novi Survey Insecure Deserialization Vulnerability

Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-94

References

• https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx
• https://nvd.nist.gov/vuln/detail/CVE-2023-29492