Netwrix has issued an urgent security advisory following an internal review that uncovered multiple high-severity vulnerabilities in its Netwrix Password Secure platform. The flaws affect both the desktop client and server components and could allow attackers to execute arbitrary code, potentially compromising sensitive credentials.
While the company is currently unaware of any active exploitation in the wild, the severity of these vulnerabilities has prompted a recommendation for all customers to apply available updates immediately.
The vulnerabilities stem from improper input validation within the application's core components. Depending on the targeted component, the impact of a successful exploit varies in scope:
- Desktop Client (CVSS 9.0): Malformed requests can allow an attacker to execute arbitrary code directly on the desktop client. “Successful exploitation may allow an attacker to execute arbitrary code on the desktop client, potentially compromising the client and any credentials it holds”.
- Server Component (CVSS 9.3): A separate flaw exists in the server component. While this requires a higher level of initial access, the potential for damage is extreme. “Netwrix Password Secure does not perform sufficient validation of malformed requests. This may allow an attacker with highly privileged local access to execute arbitrary code on the server”.
Additionally, a third vulnerability (CVSS 7.1) was identified that could allow an attacker to perform a denial-of-service (DoS) attack against the server, disrupting password management services for the entire organization.
Netwrix has provided an exploitability assessment to help administrators prioritize their remediation efforts. Currently, none of the identified vulnerabilities are known to be public, nor are there readily available exploits or reports of active attacks.
However, the high CVSS scores reflect the significant risk posed if these details were to fall into the hands of threat actors.
Netwrix has released Version 26.3.100, which contains the official fixes for all described vulnerabilities.
Recommended Actions for Administrators:
- Immediate Update: Apply the update available via the Netwrix Customer Portal to all affected server and desktop installations.
- Consult Documentation: Follow the specific instructions for applying the update found in the Netwrix Password Secure update documentation.