Binary deserialization vulnerabilities
Deserialization vulnerabilities fall into the category of threats related to the insecure processing of payloads.
When developing BusinessData, the category of threat associated with the impossibility of restoring (deserializing) the original data in the absence of a predetermined structure of the serialized data was taken into account,.
However, if your applications use binary serializers, we recommend that you conduct a separate risk assessment for them. The use of a binary serializer is entirely the responsibility of the consumer. Consumers should evaluate the security risks, technical issues, reputational damage, and legal and regulatory compliance risks that binary serializers entail.