Trimble Product Security Update Advisory (CVE-2025-0994)

Overview

We have released a security update to fix vulnerabilities in Trimble products. Users of affected products are advised to update to the latest version.
 

 

 

Affected Products

 

CVE-2025-0994

Trimble Cityworks versions Version: ~15.8.9 (excluded)
Trimble Cityworks with office companion Version: ~23.10 (excluded)

 

 

 

Resolved Vulnerabilities

Untrusted data deserialization vulnerability (CVE-2025-0994)

 

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
 

 

CVE-2025-0994

Trimble Cityworks versions Version: 15.8.9
Trimble Cityworks with office companion version: 23.10

 

 

 

References

[1] https://www.cisa.gov/news-events/ics-advisories/icsa-25-037-04
https://www.cisa.gov/news-events/ics-advisories/icsa-25-037-04