CVE-2022-31199
Netwrix Auditor Insecure Object Deserialization Vulnerability
CVSS
—
No CVSS
EPSS
36.0%
p98
KEV
YES
Jul 11, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Netwrix / Auditor
Vulnerability
Netwrix Auditor Insecure Object Deserialization Vulnerability
Added to KEV
Jul 11, 2023
Remediate by
Aug 1, 2023
Known ransomware use
Yes
Summary description
Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.
Required action
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Notes
Patch application requires login to customer portal: https://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003; https://nvd.nist.gov/vuln/detail/CVE-2022-31199
No related CVEs by CWE or product.