CVE-2023-29492
Novi Survey Insecure Deserialization Vulnerability
CVSS
—
No CVSS
EPSS
2.7%
p84
KEV
YES
Apr 13, 2023
Exploit Today
75
0-100
Published: — · Last modified: —
2.7%EPSS · 30 days2.7%
2026-06-302026-07-17
Product
Novi Survey / Novi Survey
Vulnerability
Novi Survey Insecure Deserialization Vulnerability
Added to KEV
Apr 13, 2023
Remediate by
May 4, 2023
Known ransomware use
No
Summary description
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.
Required action
Apply updates per vendor instructions.
Notes
https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx; https://nvd.nist.gov/vuln/detail/CVE-2023-29492
No related CVEs by CWE or product.