Vulnerability Description
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netwrix | Auditor | < 10.5 |
Related Weaknesses (CWE)
References
- https://bishopfox.com/blog/netwrix-auditor-advisoryExploitThird Party Advisory
- https://bishopfox.com/blog/netwrix-auditor-advisoryExploitThird Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-US Government Resource
FAQ
What is CVE-2022-31199?
CVE-2022-31199 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remo...
How severe is CVE-2022-31199?
CVE-2022-31199 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-31199?
Check the references section above for vendor advisories and patch information. Affected products include: Netwrix Auditor.