COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-31199

CVE-2022-31199

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-07-11
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-31199
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reac

Players implicated

Netwrix · vendorAuditor · product

Description

Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.