What happened
CISA added CVE-2019-9875 to the Known Exploited Vulnerabilities (KEV) catalog on 2025-03-26, assigning a remediation due date of 2025-04-16 for U.S. federal agencies per KEV guidance (CISA KEV). The flaw is a deserialization vulnerability in Sitecore CMS and Experience Platform (XP) within the Sitecore.Security.AntiCSRF module that enables an authenticated attacker to execute arbitrary code by POSTing a serialized .NET object in the __CSRFTOKEN parameter (CISA KEV). The NVD entry tracks this as CWE-502 (Deserialization of Untrusted Data) under CVE-2019-9875 (NVD CVE-2019-9875), with the CVE record mirrored at MITRE (MITRE CVE-2019-9875).
CISA’s required action is to apply vendor mitigations (or discontinue use if unavailable), consistent with KEV policy (CISA KEV). The KEV inclusion signals confirmed exploitation in the wild of this specific Sitecore issue (CISA KEV).
Why it matters
Authenticated remote code execution (RCE) on a CMS/XP platform is a high-utility foothold for attackers. Once an attacker is logged in (via credential theft or reuse), a crafted POST can convert a web session into server-side code execution through unsafe deserialization (NVD CVE-2019-9875). KEV listing means defenders should treat exploitation risk as active, not theoretical, and prioritize mitigation on an accelerated timeline (CISA KEV). The CVE explicitly cites deserialization of an attacker-controlled .NET object in the __CSRFTOKEN parameter, elevating a seemingly protective anti-CSRF mechanism into an RCE vector (MITRE CVE-2019-9875).
CWE-502 vulnerabilities commonly allow arbitrary code paths to be invoked if an application deserializes untrusted input, making exploit reliability comparatively high once a valid authenticated context exists (NVD CVE-2019-9875). CMS backends often run with powerful application pool identities, so a single compromised content management session can become a server compromise with lateral movement potential (CISA KEV).
Technical detail
Per the KEV note, the vulnerable code path resides in Sitecore.Security.AntiCSRF, which accepts a serialized .NET object via the __CSRFTOKEN POST parameter and processes it within an authenticated session boundary (CISA KEV). If the module deserializes attacker-supplied data without strict type whitelisting or integrity validation, deserialization can trigger gadget chains leading to arbitrary code execution (CWE-502) (NVD CVE-2019-9875).
Key risk factors derived from the CVE and CWE classification:
- Attacker control of deserialization input (__CSRFTOKEN) within an authenticated session creates a direct path to invoke unsafe object graphs (MITRE CVE-2019-9875).
- Anti-CSRF tokens are expected to be integrity-protected; if the application trusts client-provided serialized state without robust verification, token handling becomes an attack surface (NVD CVE-2019-9875).
- Deserialization flaws frequently bypass input filters because payloads ride in expected parameters and formats, evading naive WAF rules (CISA KEV).
Operationally, the exploitation flow implied by the CVE description looks like this:
1) Acquire valid authentication (phish, credential stuffing, session theft).
2) Craft a serialized .NET object designed to trigger a gadget chain on deserialization.
3) Send a POST carrying the payload in __CSRFTOKEN to a vulnerable endpoint handled by the AntiCSRF module.
4) Achieve code execution under the Sitecore application context (MITRE CVE-2019-9875).
While the CVE does not enumerate specific gadget chains or versions, the CWE-502 classification underscores that untrusted deserialization can directly translate to RCE if reachable (NVD CVE-2019-9875).
Defense
- Patch and vendor guidance: Follow Sitecore’s mitigation guidance immediately; CISA mandates remediation for KEV-listed issues with a short fuse for government networks (CISA KEV).
- Access control: Restrict admin/CM panel exposure to trusted networks and enforce MFA to harden the authenticated prerequisite for exploitation (CISA KEV).
- Compensating controls: If patching is delayed, deploy strict allow-listing on deserialization paths or block/inspect anomalous __CSRFTOKEN payloads at the edge where feasible (NVD CVE-2019-9875).
- Monitoring: Hunt for unusually large or high-entropy __CSRFTOKEN parameters, spikes in POSTs to authenticated endpoints, and server-side anomalies (unexpected child processes, script interpreters, or command shells spawned by the web worker) aligned to suspected requests (MITRE CVE-2019-9875).
- Credential hygiene: Rotate credentials for privileged Sitecore users and invalidate active sessions post-remediation in case tokens were abused during exploitation windows (CISA KEV).
For formal compliance, agencies should meet the KEV remediation due date (2025-04-16) and document mitigations per KEV policy (CISA KEV).
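As an added illustration of the monitoring bullet above (example code written for this page, not from the advisory, Sitecore or Lyrie), the following Python flags __CSRFTOKEN values that are oversized, high-entropy, or begin with the base64 encoding of the .NET BinaryFormatter stream header. The JSON log schema, the thresholds, the endpoint path and the two sample log lines are constructed assumptions.

```python
import base64
import json
import math
from urllib.parse import parse_qs, urlencode

# Tuning assumptions (not from the advisory); calibrate MAX_TOKEN_LEN on your own traffic.
MAX_TOKEN_LEN = 128
ENTROPY_THRESHOLD = 4.5  # bits per character; base64 text tops out near 6
# Base64 of the .NET BinaryFormatter stream header bytes 00 01 00 00 00 FF FF FF FF.
BINARYFORMATTER_B64_MAGIC = "AAEAAAD/////"

def shannon_entropy(s: str) -> float:
    """Bits per character of s (0.0 for an empty or constant string)."""
    if not s:
        return 0.0
    n = len(s)
    counts = {ch: s.count(ch) for ch in set(s)}
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def inspect_token(token: str) -> list:
    """Reasons a __CSRFTOKEN value looks like a serialized object; empty if it looks normal."""
    reasons = []
    if len(token) > MAX_TOKEN_LEN:
        reasons.append("oversized")
    if shannon_entropy(token) > ENTROPY_THRESHOLD:
        reasons.append("high_entropy")
    if token.startswith(BINARYFORMATTER_B64_MAGIC):
        reasons.append("binaryformatter_header")
    return reasons

def scan_log(lines):
    """Scan JSON request-log lines (hypothetical schema: ts, user, path, body) for suspicious tokens."""
    findings = []
    for line in lines:
        rec = json.loads(line)  # one JSON object per line; POST body captured as a raw query string
        for token in parse_qs(rec["body"], keep_blank_values=True).get("__CSRFTOKEN", []):
            reasons = inspect_token(token)
            if reasons:
                findings.append({"ts": rec["ts"], "user": rec["user"], "path": rec["path"], "reasons": reasons})
    return findings

def constructed_logs():
    """Two constructed lines: a normal short token, then a fake BinaryFormatter stream (header + filler bytes)."""
    fake_stream = b"\x00\x01\x00\x00\x00\xff\xff\xff\xff" + bytes((i * 131 + 7) % 256 for i in range(200))
    return [
        json.dumps({"ts": "2025-03-27T10:01:02Z", "user": "editor1", "path": "/cm/example.aspx",
                    "body": urlencode({"__CSRFTOKEN": "aB3kQ9x1Zt8wPq", "__EVENTTARGET": "btnSave"})}),
        json.dumps({"ts": "2025-03-27T10:01:09Z", "user": "editor1", "path": "/cm/example.aspx",
                    "body": urlencode({"__CSRFTOKEN": base64.b64encode(fake_stream).decode()})}),
    ]
```

Running `scan_log(constructed_logs())` returns one finding for the second line, carrying the user, path and timestamp needed to correlate with process telemetry on the host.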
Lyrie Verdict
This is a textbook authenticated-deserialization to RCE chain riding on a trusted anti-CSRF parameter. Lyrie’s autonomous detectors flag atypical serialized-object artifacts and entropy shifts in __CSRFTOKEN, correlate with session privilege elevation, and watch for server execution markers within seconds of the POST (NVD CVE-2019-9875). Because KEV confirms active exploitation, defense must operate at machine speed: block or quarantine the session that presents anomalous __CSRFTOKEN payloads, and auto-isolate the host if post-request process telemetry suggests code execution (CISA KEV). Our position: treat every suspicious __CSRFTOKEN deserialization signal as hostile until proven otherwise, with automated response paths tied directly to the CVE trigger conditions (MITRE CVE-2019-9875).