An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for a domain authenticated user to send a crafted message to the Blue Prism Server and accomplish a remote code execution attack that is possible because of insecure deserialization. Exploitation of this vulnerability allows for code to be executed in the context of the Blue Prism Server service.
Conclusion & alert: CVE-2022-36119 is rated High Risk (71.1/100): CVSS High severity, with high exploitation likelihood (EPSS 6.91%, 91th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +4.03% over the last day, indicating growing attacker interest. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-10-15 | 2.88% | 6.91% | +4.03% |
| 2 | 2025-09-08 | 2.97% | 2.88% | -0.09% |
| 3 | 2025-09-02 | — | 2.97% | — |
Full EPSS history (21 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 8.8 | 3.1 | HIGH |
|
2.8 | 5.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| ssctech | blue_prism | >= 6.4, < 7.1 | cpe:2.3:a:ssctech:blue_prism:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://blueprism.com | Product |
| https://community.blueprism.com/discussion/security-vulnerability-notification-ssc-blue-prism-enterprise | Vendor Advisory |
| https://portal.blueprism.com/security-vulnerabilities-august-2022 | Permissions Required Vendor Advisory |