Executive Summary
Two vulnerabilities affecting Netwrix Password Secure were reported to Netwrix by independent security researchers. These vulnerabilities – affecting the documents and applications sharing functionality – could allow an attacker who has authenticated to the product successfully to execute arbitrary code.
Acknowledgements
We thank Marcel Fromkorth and Paul Pöpperl from 8com GmbH & Co. KG for their coordinated disclosure of the vulnerabilities and their effort and partnership in improving the security of our products.
Vulnerability
Title | Affected Component | Affected Versions | CVSS 4.0 Score | CVSS 3.1 Score (Base / Temporal) | Description |
---|---|---|---|---|---|
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) | Netwrix Password Secure | <= 9.2.1 | 7.3 | 8.0 / 7.2 | An authenticated attacker can create a malformed shared document which when opened by the target user can result in arbitrary code execution. |
Authenticated Code Injection in Netwrix Password Secure (CVE-2025-26818) | Netwrix Password Secure | <= 9.2.1 | 4.7 | 7.9 / 7.1 | An authenticated attacker with privileges to create SSH applications can create a malformed SSH application which when opened by the target user can result in arbitrary code execution on the SSH target endpoint. |
Exploitability
Factors such as whether details about the vulnerability are publicly known, whether an exploit is readily available, or whether adversaries are actively exploiting the vulnerability are valuable in making risk-based judgments about urgency and priority; customers should use the information below in making those decisions.
Title | Publicly known? | Exploit available? | Actively exploited? |
---|---|---|---|
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) | Yes | No | No |
Authenticated Code Injection in Netwrix Password Secure (CVE-2025-26818) | Yes | No | No |
Solution
Customers utilizing Netwrix Password Secure are advised to update Netwrix Password Secure to version 9.2.2.
Instructions for the Netwrix Password Secure Client update process can be found in the following help center article:
Netwrix Password Secure Update
Official Fixes
Updated software has been released containing official fixes as indicated in the table below.
Title | Version |
---|---|
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) | 9.2.2 |
Authenticated Code Injection in Netwrix Password Secure (CVE-2025-26818) | 9.2.2 |
FAQ
- How do I determine the currently installed versions of Netwrix Password Secure?
  - The client version is displayed in the window headline and footer.
  - The server version is displayed on the splash screen and can also be found in the properties of the PsrServer.exe file.
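The server-side check above can be scripted on the host running the server. The following PowerShell is an added example for this advisory, not Netwrix tooling: it reads the file version from the properties of PsrServer.exe, as the FAQ describes, and compares it with the fixed release 9.2.2 named in the Official Fixes table. The search under the Program Files directories is an assumption about where the binary is installed; pass -Path if it lives elsewhere.

```powershell
# Added example (not Netwrix's own tooling): compare the installed Netwrix Password
# Secure server version with the fixed release from this advisory.
# Assumption: PsrServer.exe is somewhere under Program Files; otherwise use -Path.

$FixedVersion = [version]'9.2.2'

function Get-PsrServerVersion {
    param([string]$Path)

    if (-not $Path) {
        # Assumed install location: search both Program Files roots for PsrServer.exe.
        $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
        $Path = Get-ChildItem -Path $roots -Filter 'PsrServer.exe' -Recurse -ErrorAction SilentlyContinue |
                Select-Object -First 1 -ExpandProperty FullName
    }
    if (-not $Path -or -not (Test-Path $Path)) {
        throw 'PsrServer.exe not found; run with -Path <full path to PsrServer.exe>.'
    }

    $info = (Get-Item $Path).VersionInfo
    # Prefer ProductVersion, fall back to FileVersion; both may carry trailing text,
    # so keep only the leading dotted-numeric part before casting to [version].
    $raw = if ($info.ProductVersion) { $info.ProductVersion } else { $info.FileVersion }
    if ($raw -match '^\s*(\d+(\.\d+){1,3})') {
        $parsed = [version]$Matches[1]
    } else {
        throw "Could not parse a version from '$raw' in $Path"
    }

    [pscustomobject]@{
        Path    = $Path
        Version = $parsed
    }
}

function Test-PsrServerPatched {
    param([string]$Path)

    $v = Get-PsrServerVersion -Path $Path
    # [version] comparison is numeric per component, so 9.2.10 correctly ranks above 9.2.2.
    [pscustomobject]@{
        Path      = $v.Path
        Installed = $v.Version
        Fixed     = $FixedVersion
        Patched   = ($v.Version -ge $FixedVersion)
        Advisory  = 'CVE-2025-26817, CVE-2025-26818'
    }
}

# Usage: prints Patched = True when the binary is at or above 9.2.2.
Test-PsrServerPatched | Format-List
```

This only covers the server binary; the client version is read from the window headline and footer as the FAQ states, and every client should be updated to 9.2.2 alongside the server since both CVEs are fixed in that release.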
Revisions
Updates to this advisory may be made as necessary. Information about each change will be published in the table below.
Revision | Date | Description |
---|---|---|
1 | 2025-04-01T13:00:00Z | First published |
Disclaimer
The information and materials included in or linked to this Security Advisory are provided on an “as-is” basis and without warranty of any kind, and we disclaim all representations and warranties of any kind, whether express or implied, including warranties of merchantability and fitness for a particular use. You acknowledge and agree that your use of the information and materials included in or linked to this Security Advisory are at your own risk.