Static Code Injection Vulnerability in Netwrix Directory Manager by Netwrix
CVE-2025-54393

5.4MEDIUM

Key Information:

Vendor

Netwrix

Status
Netwrix Directory Manager
Vendor
CVE Published:
7 August 2025

What is CVE-2025-54393?

Static code injection affects versions of Netwrix Directory Manager prior to 11.1.25162.02, allowing authenticated users to execute arbitrary code and potentially gain administrative access. This vulnerability can lead to unauthorized configuration changes and compromise overall security, making it essential for users to upgrade to the latest version to mitigate risks.

References

https://community.netwrix.com/t/adv-2025-015-critical-vul...

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.