CVE-2025-54539: CWE-502 Deserialization of Untrusted Data in Apache Software Foundation Apache ActiveMQ NMS AMQP Client
A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserialization logic present in the client to craft responses that may lead to arbitrary code execution on the client side. Although version 2.1.0 introduced a mechanism to restrict deserialization via allow/deny lists, the protection was found to be bypassable under certain conditions. In line with Microsoft’s deprecation of binary serialization in .NET 9, the project is evaluating the removal of .NET binary serialization support from the NMS API entirely in future releases.

Mitigation and Recommendations: Users are strongly encouraged to upgrade to version 2.4.0 or later, which resolves the issue. Additionally, projects depending on NMS-AMQP should migrate away from .NET binary serialization as part of a long-term hardening strategy.
AI Analysis
Technical Summary
CVE-2025-54539 is a deserialization vulnerability in the Apache ActiveMQ NMS AMQP Client, the .NET (NMS) client library used to connect applications to AMQP message brokers. The client deserializes data received from the server with .NET binary serialization and without an effective bound on which types may be instantiated, so a malicious or compromised server can return a crafted payload that executes arbitrary code inside the client process. All releases up to and including 2.3.0 are affected.

Version 2.1.0 added allow/deny lists to restrict the types the client will deserialize, but the advisory states that this protection can be bypassed under certain conditions, so it must not be treated as the fix. The underlying problem is the use of .NET binary serialization on untrusted input at all: Microsoft's stated position is that BinaryFormatter cannot be made safe for untrusted data, and binary serialization is deprecated in .NET 9. The Apache project is accordingly evaluating removal of binary serialization support from the NMS API in a future release.

The attacker needs no credentials. The client is the victim, and the only precondition is that it connects to a server the attacker controls or has compromised (or, where the connection is not authenticated with TLS, one reached through an intercepted connection). The risk is therefore highest where clients connect to third-party or otherwise untrusted brokers. No CVSS score has been assigned; the weakness is classified as CWE-502 (Deserialization of Untrusted Data). No public exploit has been reported.

The fix is to upgrade to version 2.4.0 or later, which the project states resolves the issue. Because binary serialization may be removed from the NMS API entirely, projects depending on NMS-AMQP should also plan to migrate to schema-bound serialization formats that are deserialized into fixed, application-defined types.
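The following is an added example, not code from the Apache ActiveMQ NMS AMQP project or from this advisory. It places the CWE-502 pattern the analysis describes (BinaryFormatter run over bytes whose type graph the peer chose) beside a consumer that only accepts JSON bound to one closed record type. The Apache.NMS interfaces used (IMessage, ITextMessage, IBytesMessage, IObjectMessage) are the library's public API; check member names against the version you use. OrderEvent, the 64 KiB limit and the sample payloads are illustrative assumptions. A SerializationBinder on top of BinaryFormatter is deliberately not shown, because that is the same kind of type allow-list the advisory says proved bypassable.

```csharp
// Added example (not from the Apache NMS AMQP project). Requires the Apache.NMS package
// for the message interfaces and .NET 8+ for JsonUnmappedMemberHandling.
using System;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
using System.Text;
using System.Text.Json;
using System.Text.Json.Serialization;
using Apache.NMS;

// Assumed application type: the only shape this consumer will ever build from broker data.
public sealed record OrderEvent(string OrderId, decimal Amount, string Currency);

public static class OrderConsumer
{
    private const int MaxBodyBytes = 64 * 1024; // assumed policy limit

    // BEFORE (the vulnerable pattern, never invoked by Main): the type graph is chosen by
    // whoever produced the bytes. A malicious server can encode a gadget chain built from
    // assemblies already loaded in the client; a type allow-list on top of this call is
    // not a reliable fix, which is why the advisory's own allow/deny list was bypassable.
    public static object DeserializeUntrusted(byte[] bodyFromBroker)
    {
#pragma warning disable SYSLIB0011 // BinaryFormatter is obsolete; kept only to show the unsafe path.
        using var ms = new MemoryStream(bodyFromBroker);
        return new BinaryFormatter().Deserialize(ms);
#pragma warning restore SYSLIB0011
    }

    // AFTER: JSON carries no .NET type names, so the server cannot pick the class that is
    // instantiated. Unknown members are rejected instead of silently ignored.
    private static readonly JsonSerializerOptions StrictJson = new()
    {
        UnmappedMemberHandling = JsonUnmappedMemberHandling.Disallow,
        MaxDepth = 8,
    };

    public static OrderEvent ParseOrderEvent(string json)
    {
        if (json.Length > MaxBodyBytes)
            throw new InvalidOperationException("body exceeds policy limit");
        var evt = JsonSerializer.Deserialize<OrderEvent>(json, StrictJson)
                  ?? throw new InvalidOperationException("empty body");
        // Semantic checks the serializer cannot express.
        if (string.IsNullOrWhiteSpace(evt.OrderId) || evt.Amount < 0
            || evt.Currency is not { Length: 3 })
            throw new InvalidOperationException("schema check failed");
        return evt;
    }

    // Entry point for an NMS message listener: refuse IObjectMessage outright (that is the
    // binary-serialization path) and bound the byte count before decoding anything.
    public static OrderEvent Handle(IMessage msg)
    {
        switch (msg)
        {
            case IObjectMessage:
                throw new InvalidOperationException("object messages are disabled on this consumer");
            case ITextMessage t:
                return ParseOrderEvent(t.Text);
            case IBytesMessage b when b.BodyLength <= MaxBodyBytes:
                var buf = new byte[(int)b.BodyLength];
                b.Reset();
                b.ReadBytes(buf);
                return ParseOrderEvent(Encoding.UTF8.GetString(buf));
            default:
                throw new InvalidOperationException($"rejected message of type {msg.GetType().Name}");
        }
    }

    public static void Main()
    {
        // Constructed sample payloads, not captured broker traffic.
        Console.WriteLine(ParseOrderEvent("{\"OrderId\":\"A-100\",\"Amount\":12.50,\"Currency\":\"EUR\"}"));
        try
        {
            // An extra member is rejected; there is no "$type" or equivalent to honour.
            ParseOrderEvent("{\"OrderId\":\"A-101\",\"Amount\":1,\"Currency\":\"EUR\",\"$type\":\"x\"}");
        }
        catch (JsonException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

The design point is that the hardened path never lets the remote side name a type: the only class that can be constructed is the one compiled into the consumer, and the input is bounded in size and depth before the parser runs. Rejecting IObjectMessage entirely is what makes the upgrade to 2.4.0 a belt-and-braces measure rather than the sole control.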
Potential Impact
An attacker who controls, or has compromised, an AMQP server that a vulnerable client connects to can execute arbitrary code on the client host with the privileges of the client process. Any .NET application that embeds the Apache ActiveMQ NMS AMQP Client is in scope: services, background workers and desktop tools alike, not only infrastructure components. A successful attack can lead to full compromise of the client system, including data theft, lateral movement into the networks the client can reach, and disruption of the services that depend on it. For European organizations, especially those in finance, telecommunications and critical infrastructure that rely on messaging systems for real-time data exchange, the impact could be severe: compromised messaging clients allow interception or manipulation of sensitive data, disruption of business processes, and potential GDPR non-compliance if personal data is exposed. Exploitation requires only that a vulnerable client connect to an attacker-controlled server; no credentials are needed, and the deserialization restrictions added in 2.1.0 can be bypassed. The risk is highest where clients connect to external or third-party AMQP services, or where broker connections are not authenticated with TLS. Although no exploits are known in the wild yet, the potential impact and low exploitation cost make this a high-risk vulnerability that demands prompt attention.
Mitigation Recommendations
1. Upgrade every application that uses the Apache ActiveMQ NMS AMQP Client to version 2.4.0 or later, including applications that receive the package only transitively through another dependency, which an audit of direct references will miss.
2. Audit and restrict the set of AMQP servers that clients connect to, and enforce TLS with server certificate validation on those connections, so that "trusted broker" means a verified identity rather than a hostname; a DNS or network-level redirect to an attacker's endpoint is equivalent to connecting to a malicious server.
3. Implement network segmentation and egress firewall rules so that clients can only reach known, approved AMQP brokers.
4. Begin migrating away from .NET binary serialization (object-message payloads) to schema-bound formats such as JSON or Protocol Buffers that are deserialized into fixed application types, as part of a long-term hardening strategy; this also prepares for the project's possible removal of binary serialization from the NMS API.
5. Monitor client application logs and network traffic for unusual AMQP server responses, unexpected deserialization errors, and new or unexpected broker endpoints.
6. Conduct security reviews of messaging infrastructure to identify any client exposure to untrusted AMQP servers.
7. Educate development and operations teams about the risks of deserialization vulnerabilities and secure coding practices related to serialization.
8. Consider deploying runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect and block exploitation attempts targeting deserialization flaws.
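To support step 1, here is an added example, not code from the Apache ActiveMQ NMS AMQP project or from this advisory. It walks a source tree and reports direct references to the Apache.NMS.AMQP NuGet package that cannot be shown to be at or above 2.4.0, the first fixed release named in the advisory. The embedded project files are constructed samples, and the package id is assumed to be the NuGet id of the client library. It treats every version below 2.4.0 as affected, which is the safe reading of "up to and including 2.3.0".

```csharp
// Added example (not from the Apache NMS AMQP project). .NET 7+ for raw string literals.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml.Linq;

public static class NmsAmqpAudit
{
    public const string PackageId = "Apache.NMS.AMQP";     // assumed NuGet package id
    public static readonly Version FirstFixed = new(2, 4, 0);

    public sealed record Finding(string File, string Version, bool Vulnerable);

    // True when the pinned version cannot be proven >= 2.4.0. Ranges, wildcards and
    // unparsable strings are reported as vulnerable so they get a restore-time check.
    public static bool IsVulnerable(string versionText)
    {
        var v = versionText.Trim();
        if (v.StartsWith('[') && v.EndsWith(']')) v = v[1..^1];   // exact range "[2.3.0]"
        var core = v.Split('-', '+')[0];                           // drop "-beta1", "+meta"
        if (core.IndexOfAny(new[] { '*', ',', '(', ')', '[', ']' }) >= 0
            || !Version.TryParse(core, out var parsed))
            return true;
        // "2.3" parses with Build == -1; normalise to three components before comparing.
        parsed = new Version(parsed.Major, parsed.Minor, Math.Max(parsed.Build, 0));
        return parsed < FirstFixed;
    }

    // Handles SDK-style and legacy csproj (any XML namespace), central package
    // management (PackageVersion in Directory.Packages.props) and packages.config.
    public static IEnumerable<Finding> Inspect(string file, string xml)
    {
        var doc = XDocument.Parse(xml);
        foreach (var e in doc.Descendants())
        {
            string? id, ver;
            if (e.Name.LocalName is "PackageReference" or "PackageVersion")
            {
                id  = (string?)e.Attribute("Include") ?? (string?)e.Attribute("Update");
                ver = (string?)e.Attribute("Version")
                      ?? e.Elements().FirstOrDefault(c => c.Name.LocalName == "Version")?.Value;
            }
            else if (e.Name.LocalName == "package")              // packages.config
            {
                id  = (string?)e.Attribute("id");
                ver = (string?)e.Attribute("version");
            }
            else continue;

            if (string.Equals(id, PackageId, StringComparison.OrdinalIgnoreCase))
                yield return new Finding(file, ver ?? "(unpinned)", IsVulnerable(ver ?? ""));
        }
    }

    public static IEnumerable<Finding> ScanTree(string root) =>
        Directory.EnumerateFiles(root, "*", SearchOption.AllDirectories)
            .Where(f => f.EndsWith(".csproj", StringComparison.OrdinalIgnoreCase)
                     || Path.GetFileName(f).Equals("packages.config", StringComparison.OrdinalIgnoreCase)
                     || Path.GetFileName(f).Equals("Directory.Packages.props", StringComparison.OrdinalIgnoreCase))
            .SelectMany(f => Inspect(f, File.ReadAllText(f)));

    public static void Main(string[] args)
    {
        // Constructed samples: one pinned to the last affected release, one to the fix.
        const string vulnerable = """
            <Project Sdk="Microsoft.NET.Sdk"><ItemGroup>
              <PackageReference Include="Apache.NMS.AMQP" Version="2.3.0" />
            </ItemGroup></Project>
            """;
        const string fixedProj = """
            <Project Sdk="Microsoft.NET.Sdk"><ItemGroup>
              <PackageReference Include="Apache.NMS.AMQP" Version="2.4.0" />
            </ItemGroup></Project>
            """;
        var findings = Inspect("Sample.Vulnerable.csproj", vulnerable)
            .Concat(Inspect("Sample.Fixed.csproj", fixedProj));
        if (args.Length == 1) findings = findings.Concat(ScanTree(args[0]));   // optional real tree
        foreach (var f in findings)
            Console.WriteLine($"{(f.Vulnerable ? "VULNERABLE" : "ok        ")}  {f.Version,-10}  {f.File}");
    }
}
```

Project files only show direct references. To catch the transitive case from step 1, run `dotnet list package --include-transitive` in each solution (or inspect the resolved graph in `project.assets.json` after a restore) and look for the same package id below 2.4.0.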
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: apache
- Date Reserved: 2025-07-24T12:27:56.030Z
- CVSS Version: null (no score assigned)
- State: PUBLISHED
Threat ID: 68f0accc9f8a5dbaeaba941c
Added to database: 10/16/2025, 8:29:00 AM
Last enriched: 10/16/2025, 8:43:59 AM
Last updated: 10/16/2025, 2:17:35 PM
Views: 131
Related Threats
- CVE-2025-54658: Escalation of privilege in Fortinet FortiDLP (High)
- CVE-2025-53951: Escalation of privilege in Fortinet FortiDLP (Medium)
- CVE-2025-53950: Information disclosure in Fortinet FortiDLP (Medium)
- CVE-2025-46752: Information disclosure in Fortinet FortiDLP (Medium)
- CVE-2025-11839: Unchecked Return Value in GNU Binutils (Medium)