Microsoft recently released a critical security advisory for ASP .NET Core (CVE-2025-55315), along with the corresponding patches. While the impact on DataMiner is limited, we highly recommend updating your .NET runtime to the latest version to keep your system secure.
The advisory provides only limited technical details about the vulnerability, which makes it difficult to fully estimate the potential impact. DataMiner itself does not rely on ASP .NET Core, but some DataMiner Extension Modules (DxMs) do. These modules could be affected; however, we expect the overall impact to be limited.
Patches are available for ASP .NET Core 8, 9, and 10. DataMiner currently only requires ASP .NET Core 8, which you can safely update with the latest patch.
Older DataMiner versions relied on ASP.NET Core 5 and 6, which are now end-of-life and no longer receive updates. No patches exist for these versions, and we cannot rule out potential vulnerabilities in these older runtimes. If you are still using them, we strongly recommend upgrading to a newer DataMiner version that requires only ASP.NET Core 8.