CVE-2024-20953

Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system. Vendor/Product: Oracle Agile Product Lifecycle Management (PLM). Added to CISA KEV 2025-02-24; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.