CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Aug 1, 2023
Description
The Netwrix Auditor User Activity Video Recording component contains an insecure object deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.
EPSS — Exploit Probability
Higher than 90.4% of all CVEs
Required Action
Patch application requires login to customer portal: https://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003; https://nvd.nist.gov/vuln/detail/CVE-2022-31199
Risk Assessment
HIGH
Details
- Severity: High
- EPSS: 5.9%
- CISA KEV: Yes
- Ransomware: Known
- Articles: 0
Timeline
Published: Jul 11, 2023
Added to KEV: Jul 11, 2023
Remediation Due: Aug 1, 2023