NTLM Hash Exposure in Zohocorp ManageEngine ADManager Plus
CVE-2025-11670

6.4 MEDIUM

Key Information:

Vendor: Zohocorp

CVE Published: 15 December 2025

What is CVE-2025-11670?

Zohocorp ManageEngine ADManager Plus versions prior to 8025 contain a vulnerability that allows technicians with the 'Impersonate as Admin' capability to expose NTLM hash values. Exposed hashes can lead to unauthorized access and security breaches if exploited. Keep the software updated (version 8025 or later is outside the affected range) and monitor which technicians hold access rights to administrative features such as 'Impersonate as Admin'.

Affected Version(s)

ManageEngine ADManager Plus 0 < 8025

CVSS V3.1

Score: 6.4
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
