Craft CMS RCE (CVE-2025-32432)
Description
Craft CMS versions prior to the patched release contain a remote code execution vulnerability stemming from an insecure deserialization flaw in the underlying Yii2 framework (CVE-2024-4990). This vulnerability allows attackers to execute arbitrary PHP code on the server by exploiting how the application processes serialized data. The vulnerability has been actively exploited in the wild, making immediate remediation critical.
Remediation
Immediately upgrade Craft CMS to version 5.4.11, 5.5.7, or later, depending on your current version branch. Follow these steps:
1. Back up your database and files before upgrading
2. Review the official Craft CMS upgrade guide for your version at https://craftcms.com/docs
3. Update Craft CMS using Composer:
composer update craftcms/cms --with-dependencies
4. Run database migrations if prompted
5. Clear all caches after upgrading
6. Verify the upgrade was successful by checking the version in the control panel
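The six remediation steps above as one runnable script, added here as an example and not taken from the advisory or from the Craft CMS project. It assumes a Craft 5.x project whose root holds the "craft" console entry point and composer.json, with php and composer on PATH; it uses Craft's db/backup, migrate/all and clear-caches/all console commands for steps 1, 4 and 5, and reads the installed version from "composer show craftcms/cms" (assumed to print a "versions : * x.y.z" line) instead of the control panel for step 6. The version rule encodes the fixed releases the advisory names (5.4.11 and 5.5.7, "or later"): a 5.5.x install older than 5.5.7, and anything else older than 5.4.11, is treated as still vulnerable.

```shell
#!/bin/sh
# Added example (not part of the advisory or of Craft CMS itself).
# Assumptions: Craft 5.x project root with the "craft" console entry point
# and composer.json; php and composer on PATH.

# version_ge A B: succeed when dotted version A is >= B (numeric, field by field).
version_ge() {
  a="$1" b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ap="${a%%.*}" bp="${b%%.*}"
    if [ "$ap" = "$a" ]; then a=""; else a="${a#*.}"; fi
    if [ "$bp" = "$b" ]; then b=""; else b="${b#*.}"; fi
    ap="${ap:-0}" bp="${bp:-0}"
    if [ "$ap" -gt "$bp" ]; then return 0; fi
    if [ "$ap" -lt "$bp" ]; then return 1; fi
  done
  return 0
}

# is_vulnerable V: succeed when Craft version V predates the fixed release for
# its branch, per the advisory: 5.5.x needs 5.5.7, everything else at least 5.4.11.
is_vulnerable() {
  case "$1" in
    5.5.*) ! version_ge "$1" "5.5.7" ;;
    *)     ! version_ge "$1" "5.4.11" ;;
  esac
}

# installed_version: print the craftcms/cms version Composer has installed.
# Assumption: "composer show craftcms/cms" prints a line like "versions : * 5.4.10".
installed_version() {
  composer show craftcms/cms 2>/dev/null | awk '/^versions/ { print $NF }'
}

# upgrade_craft ROOT: the advisory's six remediation steps, in order.
# Not run automatically; set CRAFT_UPGRADE_RUN=1 (and CRAFT_GUIDE_REVIEWED=1) to run it.
upgrade_craft() {
  cd "${1:-.}" || return 1
  before="$(installed_version)"
  if [ -n "$before" ] && ! is_vulnerable "$before"; then
    echo "craftcms/cms $before is already at or beyond the fixed release"
    return 0
  fi
  stamp="$(date +%Y%m%d-%H%M%S)"
  # 1. back up the database (Craft's db/backup command) and the project files
  php craft db/backup || return 1
  tar -czf "../craft-files-$stamp.tar.gz" --exclude=./vendor --exclude=./storage/runtime . || return 1
  # 2. the upgrade guide is a manual read; refuse to continue until it was reviewed
  [ "${CRAFT_GUIDE_REVIEWED:-0}" = "1" ] || { echo "review https://craftcms.com/docs first"; return 1; }
  # 3. update via Composer, exactly as the advisory instructs
  composer update craftcms/cms --with-dependencies || return 1
  # 4. apply pending migrations without prompting (Yii console --interactive=0)
  php craft migrate/all --interactive=0 || return 1
  # 5. clear all caches
  php craft clear-caches/all || return 1
  # 6. verify: re-read the installed version and re-apply the vulnerability rule
  after="$(installed_version)"
  if is_vulnerable "${after:-0.0.0}"; then
    echo "upgrade did not reach a fixed release (now: ${after:-unknown})"
    return 1
  fi
  echo "craftcms/cms $before -> $after"
}

if [ "${CRAFT_UPGRADE_RUN:-0}" = "1" ]; then
  upgrade_craft "${CRAFT_ROOT:-.}"
fi
```

The version check is separated from the upgrade so it can also be run on its own against an inventory of installs (for example, feeding each site's "composer show" output to is_vulnerable) to decide which hosts still need the upgrade or the interim network restriction.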
If immediate patching is not possible, implement network-level restrictions to limit access to the Craft CMS installation to trusted IP addresses only. Monitor logs for suspicious activity and indicators of compromise.