
CVE-2025-10492: Vulnerability in Jaspersoft JasperReport Servers

High
Type: Vulnerability
Published: Tue Sep 16 2025 (09/16/2025, 16:41:44 UTC)
Source: CVE Database V5
Vendor/Project: Jaspersoft
Product: JasperReport Servers

Description

A Java deserialisation vulnerability has been discovered in the Jaspersoft library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library.

AI-Powered Analysis

Last updated: 09/16/2025, 16:54:29 UTC

Technical Analysis

CVE-2025-10492 is a high-severity vulnerability affecting Jaspersoft JasperReport Servers version 7. The root cause is a Java deserialization flaw within the Jaspersoft library used by the JasperReport Server product. Deserialization vulnerabilities occur when untrusted data is processed insecurely during the conversion from a byte stream back into an object, allowing attackers to craft malicious serialized objects that, when deserialized, trigger arbitrary code execution. In this case, improper handling of externally supplied data enables remote attackers to execute arbitrary code on affected systems without any user interaction, although the attacker needs a low-privileged account, as indicated by the CVSS vector (AV:N/AC:L/AT:N/UI:N/PR:L). The vulnerability impacts confidentiality, integrity, and availability at a high level, given the potential for full system compromise. The CVSS 4.0 score of 8.7 reflects the ease of exploitation over the network with low attack complexity and no user interaction, offset only by the low-privilege requirement. No known exploits in the wild have been reported yet, but the vulnerability’s characteristics make it a critical risk for organizations using JasperReport Servers version 7. JasperReports is widely used for business intelligence reporting, often integrated into enterprise applications, making this vulnerability a significant threat vector for data breaches, lateral movement, and persistent access if exploited.

Potential Impact

For European organizations, the impact of CVE-2025-10492 could be severe. JasperReport Servers are commonly deployed in sectors such as finance, healthcare, government, and manufacturing across Europe for generating reports and analytics. Successful exploitation could lead to unauthorized access to sensitive business intelligence data, disruption of reporting services, and potential pivoting to other internal systems. This could result in data breaches involving personal data protected under GDPR, causing regulatory penalties and reputational damage. Additionally, the ability to execute arbitrary code remotely could allow attackers to deploy ransomware or other malware, impacting operational continuity. Given the high integration of JasperReports in enterprise environments, the vulnerability could facilitate supply chain attacks or compromise of critical infrastructure components. The lack of user interaction and low attack complexity increases the risk of automated exploitation attempts, making timely mitigation essential.

Mitigation Recommendations

Organizations should immediately identify all instances of JasperReport Server version 7 in their environments. Since no patch links are provided, it is critical to monitor Jaspersoft’s official channels for security updates or patches addressing CVE-2025-10492. In the interim, network-level mitigations should be applied, such as restricting access to JasperReport Server interfaces to trusted internal networks or VPNs only, and implementing strict firewall rules to limit exposure to the internet. Employing Web Application Firewalls (WAFs) with custom rules to detect and block suspicious serialized payloads can help reduce risk. Additionally, organizations should audit and harden Java deserialization configurations, disable or restrict deserialization where possible, and apply runtime application self-protection (RASP) tools to detect anomalous behavior. Regularly review logs for unusual activity related to JasperReports and conduct penetration testing focused on deserialization attacks. Finally, ensure that all users with low privileges on the server have minimal permissions, as the vulnerability requires low privileges but not none.


Technical Details

Data Version
5.1
Assigner Short Name
Jaspersoft
Date Reserved
2025-09-15T16:26:21.449Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68c995a8cb0fe83b58201ab1

Added to database: 9/16/2025, 4:51:52 PM

Last enriched: 9/16/2025, 4:54:29 PM

Last updated: 9/17/2025, 12:09:20 AM
