Federal civilian agencies have been ordered to patch a vulnerability affecting Trimble Cityworks — a popular tool used by many governments to manage public infrastructure.
The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning alongside Trimble on Thursday about CVE-2025-0994 after confirming it is being exploited by hackers. Federal civilian agencies have until February 28 to patch the bug.
Trimble Cityworks is an asset management system used by many local and federal government agencies to manage infrastructure assets for airports, utilities, municipalities and counties.
CISA said the vulnerability allows malicious actors to “potentially conduct remote code execution (RCE) against a customer’s Microsoft Internet Information Services (IIS) web server.”
In a letter to customers, the company said the notice followed “investigations of reports of unauthorized attempts to gain access to specific customers’ Cityworks deployments.”
A patch was released on January 29 and the company listed several other actions customers need to take to reduce the exposure of data. Customers should limit permissions linked to Cityworks and the system “should not be run with local or domain level administrative privileges on any site.”
The company also provided indicators of compromise alongside the letter. CISA said Trimble reported the vulnerability to them and Symantec’s Threat Hunter team contributed to the advisory they released about the bug.
The bug carries a CVSS v4 severity score of 8.4 out of 10. All Cityworks versions prior to 15.8.9 are impacted by the vulnerability.
Trimble did not respond to requests for comment about what actions the hackers took after exploiting CVE-2025-0994 or where the hackers may be based.
Trimble is a large Colorado-based technology provider, with more than 11,000 employees across about 40 countries. The company reported revenue of $875.8 million in the last fiscal quarter.
The Cityworks tool allows customers to manage critical infrastructure assets from one platform and organize inspections, work orders, permits, operations and more.
About a year ago, agricultural equipment manufacturer AGCO acquired an 85% stake in Trimble’s agribusiness for $2 billion in cash. AGCO suffered a ransomware attack in 2022 that impacted its business operations.