EXECUTIVE SUMMARY:
A critical vulnerability (CVE-2025-26817) has been identified in Netwrix Password Secure, affecting versions up to 9.2.2. This flaw allows authenticated users to execute arbitrary code on target machines by exploiting a weakness in the document sharing feature. Specifically, while the application enforces file type validation during initial uploads, it fails to re-validate the file path when updating existing document links. This oversight permits attackers to change the document path to point to executable files like PowerShell.exe while retaining the original file type designation, such as "pdf," thereby bypassing security checks. [/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
A critical vulnerability (CVE-2025-26817) has been identified in Netwrix Password Secure, affecting versions up to 9.2.2. This flaw allows authenticated users to execute arbitrary code on target machines by exploiting a weakness in the document sharing feature. Specifically, while the application enforces file type validation during initial uploads, it fails to re-validate the file path when updating existing document links. This oversight permits attackers to change the document path to point to executable files like PowerShell.exe while retaining the original file type designation, such as "pdf," thereby bypassing security checks. [emaillocker id="1283"]
RECOMMENDATION:
We recommend you upgrade to Netwrix to versions above 9.2.2.
REFERENCES:
The following reports contain further technical details:
https://cybersecuritynews.com/netwrix-password-manager-vulnerability/