CVE-2026-25551— Seagull Software BarTender Deserialization Privilege Escalation via .NET Remoting Service
Possible ATT&CK Techniques 3AI
T1068 · Exploitation for Privilege Escalation T1055 · Process Injection T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Seagull Software, LLC. | BarTender 2021 | R1≤ 12.0.1 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-25551
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Seagull Software BarTender Deserialization Privilege Escalation via .NET Remoting Service
Source: NVD (National Vulnerability Database)
Vulnerability Description
Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack surface to local access only. The endpoint is configured with BinaryServerFormatterSinkProvider and TypeFilterLevel set to Full. A low-privileged local attacker can send YSoSerial.NET-generated BinaryFormatter payloads to the localhost-bound endpoint to achieve code execution as NT AUTHORITY\\SYSTEM.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
可信数据的反序列化
Source: NVD (National Vulnerability Database)
Vulnerability Title
Seagull BarTender 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Seagull BarTender是美国Seagull公司的一款企业级标签、条码和RFID设计与打印软件。 Seagull BarTender 2021 R1至12.0.1版本存在代码问题漏洞,该漏洞源于不安全的反序列化问题,可能导致低权限本地用户通过发送特制有效载荷提升至SYSTEM权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Seagull Software, LLC. | BarTender 2021 | R1 ~ 12.0.1 | - |
II. Public POCs for CVE-2026-25551
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-25551
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-25551 (1)
Proof of Concept for CVE-2026-25551 (1)
- 🔗 Seagull BarTender - CVE-2026-25550 / CVE-2026-25551 · GitHub Read full article technical-descriptionexploit
Vendor Pages for CVE-2026-25551 (1)
IV. Related Vulnerabilities
Same weakness: CWE-502
- CVE-2026-48909
Joomla Extension - joomshaper.com - PHP Object injection in - CVE-2026-49286
PhpWeasyPrint vulnerable to PHAR deserialization via output - CVE-2025-27511
GeoServer DB2 DataStore Extension has a JNDI Vulnerability v - CVE-2026-8024
Deserialization vulnerability in ibaPDA and ibaDatCoordinato - CVE-2026-53805
NVIDIA SIL GEN3C Unauthenticated RCE via Pickle Deserializat
V. Comments for CVE-2026-25551
No comments yet