CVE-2025-54539: CWE-502 Deserialization of Untrusted Data in Apache Software Foundation Apache ActiveMQ NMS AMQP Client
A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserialization logic present in the client to craft responses that may lead to arbitrary code execution on the client side. Although version 2.1.0 introduced a mechanism to restrict deserialization via allow/deny lists, the protection was found to be bypassable under certain conditions. In line with Microsoft’s deprecation of binary serialization in .NET 9, the project is evaluating the removal of .NET binary serialization support from the NMS API entirely in future releases.
Mitigation and Recommendations: Users are strongly encouraged to upgrade to version 2.4.0 or later, which resolves the issue. Additionally, projects depending on NMS-AMQP should migrate away from .NET binary serialization as part of a long-term hardening strategy.
AI Analysis
Technical Summary
CVE-2025-54539 is a deserialization of untrusted data vulnerability (CWE-502) found in the Apache ActiveMQ NMS AMQP Client, affecting all versions up to and including 2.3.0. The flaw arises when the client establishes connections to untrusted AMQP servers, which can send maliciously crafted serialized data. The client’s deserialization logic does not sufficiently validate or restrict incoming serialized objects, allowing attackers to execute arbitrary code on the client machine. Although version 2.1.0 implemented allow/deny lists to limit deserialization to safe types, these controls have been demonstrated to be bypassable under certain conditions, leaving the client exposed. The vulnerability leverages .NET binary serialization, a mechanism Microsoft plans to deprecate in .NET 9, prompting the Apache project to consider removing this feature entirely in future releases. The vulnerability is remotely exploitable without authentication or user interaction, making it highly dangerous. The Apache ActiveMQ NMS AMQP Client is a .NET client library used to connect to ActiveMQ brokers via the AMQP protocol, commonly deployed in enterprise messaging infrastructures. The critical CVSS score of 9.8 reflects the vulnerability’s potential to compromise confidentiality, integrity, and availability by enabling remote code execution. Users are urged to upgrade to version 2.4.0 or later, which contains fixes that prevent this attack vector. Additionally, projects should plan to phase out .NET binary serialization to reduce attack surface and align with modern security best practices.
Potential Impact
The vulnerability allows remote attackers controlling an AMQP server to execute arbitrary code on client machines running vulnerable versions of Apache ActiveMQ NMS AMQP Client. This can lead to full system compromise, data theft, unauthorized access, and disruption of messaging services. Since the client is often integrated into enterprise messaging systems, exploitation could affect critical business processes, potentially impacting financial transactions, communications, and operational workflows. The lack of authentication or user interaction requirements increases the risk of widespread exploitation, especially in environments where clients connect to untrusted or external AMQP servers. Organizations relying on this client in cloud, hybrid, or multi-tenant environments may face elevated risks. The vulnerability also threatens the integrity and availability of messaging infrastructure, potentially causing denial of service or persistent backdoors. Given the critical CVSS rating and the nature of the flaw, the impact is severe for organizations using affected versions, particularly those with high-value or sensitive data flows.
Mitigation Recommendations
Immediate mitigation requires upgrading all deployments of Apache ActiveMQ NMS AMQP Client to version 2.4.0 or later, which contains patches that properly restrict deserialization and eliminate the vulnerability. Organizations should audit their messaging infrastructure to identify all instances of the vulnerable client and prioritize patching. As a long-term strategy, projects should migrate away from .NET binary serialization, replacing it with safer serialization formats such as JSON or Protocol Buffers, which are less prone to deserialization attacks. Network segmentation and strict firewall rules should be applied to limit client connections to trusted AMQP servers only. Implementing runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions can help detect and block suspicious deserialization activities. Developers should review and harden deserialization logic, employing allowlists that are rigorously tested against bypass attempts. Monitoring logs for unusual AMQP server responses or client crashes can provide early warning of exploitation attempts. Finally, organizations should stay informed about updates from Apache and .NET regarding serialization security to adapt defenses accordingly.
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, India, Canada, Australia, Netherlands, Brazil, Singapore
Technical Details
- Data Version: 5.1
- Assigner Short Name: apache
- Date Reserved: 2025-07-24T12:27:56.030Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68f0accc9f8a5dbaeaba941c
Added to database: 10/16/2025, 8:29:00 AM
Last enriched: 2/27/2026, 5:34:22 AM
Last updated: 3/26/2026, 8:06:28 AM