CVE-2024-20953 · CISA KEV · EPSS p87.3%

CVE-2024-20953: Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability

Oracle / Agile Product Lifecycle Management (PLM)

Description

Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system.

Scoring

EPSS: 3.40% probability of exploitation · percentile 87.3% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2025-02-24

(incoming) 1

Type | Target | Confidence | Tier
KEVEntry | Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability (kev-cve-2024-20953) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-21556
CVE: Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability
CVE: CVE-2025-21564
CVE: CVE-2026-21969
CVE: Oracle WebLogic Server Remote Code Execution Vulnerability
CVE: Oracle ADF Faces Deserialization of Untrusted Data Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.