Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise

Netwrix IT asset tracker and compliance auditor, used across more than 11,500 organizations, contains a critical Insecure Object Deserialization vulnerability that could lead to Active Directory domain compromise, a new advisory warns.

The CVE is pending, according to Bishop Fox, which just released details of the vulnerability, which affects all older supported versions of the Netwrix application versions, back to 9.96.

Organizations should immediately update their Netwrix applications to the latest version, 10.5, released on June 6, to protect their systems, the researchers urge.

The bug was discovered by an nmap TCP port scan of a Netwrix Auditor server, the Bishop Fox alert says. “The Netwrix Auditor application is affected by an insecure object deserialization issue that allows an attacker to execute arbitrary code with the privileges of the affected service,” the Bishop Fox team says. “In a typical real-world scenario, Netwrix Auditor services would be running with a highly privileged account, which could lead to full compromise of the Active Directory environment.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Source

Netwrix IT asset tracker and compliance auditor, used across more than 11,500 organizations, contains a critical Insecure Object Deserialization vulnerability that could lead to Active Directory domain compromise, a new advisory warns.

The CVE is pending, according to Bishop Fox, which just released details of the vulnerability, which affects all older supported versions of the Netwrix application versions, back to 9.96.

Organizations should immediately update their Netwrix applications to the latest version, 10.5, released on June 6, to protect their systems, the researchers urge.

The bug was discovered by an nmap TCP port scan of a Netwrix Auditor server, the Bishop Fox alert says. “The Netwrix Auditor application is affected by an insecure object deserialization issue that allows an attacker to execute arbitrary code with the privileges of the affected service,” the Bishop Fox team says. “In a typical real-world scenario, Netwrix Auditor services would be running with a highly privileged account, which could lead to full compromise of the Active Directory environment.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

A series of vulnerabilities on the popular asset management platform Device42 could be exploited to give attackers full root access to the system, according...

Top 5 best backup practices

Give yourself peace of mind by implementing a new backup strategy with our tips....

Indian Power Sector targeted with latest LockBit 3.0 variant

Estimated reading time: 5 minutesAfter the infamous Conti ransomware group was disbanded, its former members began to target the energy and power sectors...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!