ADV-2025-024 - Reflected Cross-Site Scripting in Netwrix Access Analyzer

netwrix-product-security · October 9, 2025, 12:00pm

Executive Summary

A vulnerability was identified in Netwrix Access Analyzer which may allow an attacker to execute arbitrary code within the context of a user’s web browser session. Successful exploitation requires user interaction with a maliciously crafted link.

While Netwrix is unaware of any current exploitation of this vulnerability, all Netwrix Access Analyzer customers are advised to apply the available update immediately.

Vulnerability

Title	Affected Component	Affected Versions	CVSS 4.0 Score	CVSS 3.1 Score (Base / Temporal)	Description
Reflected Cross-Site Scripting (CVE Pending)	Netwrix Access Analyzer	<11.6.0.173, <12.0.0.1187	5.9	5.9 / 5.2	A reflected cross-site scripting vulnerability was discovered in Netwrix Access Analyzer which may permit an attacker to execute arbitrary code within the context of the web browser.

Exploitability

Factors such as whether details about the vulnerability are publicly known, whether an exploit is readily available, or whether adversaries are actively exploiting the vulnerability are valuable in making risk-based judgments about urgency and priority; customers should use the information below in making those decisions.

Title	Publicly known?	Exploit available?	Actively exploited?
Reflected Cross-Site Scripting	No	No	No

Solution

All Netwrix Access Analyzer customers are advised to update Netwrix Access Analyzer to the fixed versions indicated in the Official Fixes table below as soon as possible.

Instructions for the Netwrix Access Analyzer upgrade process can be found in the Netwrix Access Analyzer Upgrade Documentation.

Please contact the Netwrix technical support team should you need assistance.

Official Fixes

Updated software has been released containing official fixes for the vulnerabilities as indicated in the table below.

Title	Version
Reflected Cross-Site Scripting	11.6.0.173, 12.0.0.1187

FAQ

How do I determine the current version of Netwrix Access Analyzer?

Please refer to this knowledge base article which shows how the version information can be viewed from the Help > About page.

Revisions

Updates to this advisory may be made as necessary. Information about each change will be published in the table below.

Revision	Date	Description
1	2025-10-09T12:00:00Z	First published

Disclaimer

The information and materials included in or linked to this Security Advisory are provided on an “as-is” basis and without warranty of any kind, and we disclaim all representations and warranties of any kind, whether express or implied, including warranties of merchantability and fitness for a particular use. You acknowledge and agree that your use of the information and materials included in or linked to this Security Advisory are at your own risk.

Topic	Replies	Views
ADV-2024-001 - Reflected Cross-site Scripting in Netwrix Password Manager General Security Information security-advisory	80	March 26, 2024
ADV-2025-012 - Open Redirect in Netwrix Access Analyzer and Access Information Center Security Advisories security-advisory , access-analyzer-security-advisory	214	May 8, 2025
ADV-2022-003 - Vulnerabilities in Netwrix Auditor Security Advisories security-advisory	111	June 6, 2022
ADV-2022-002 - Vulnerabilities in Netwrix SbPAM Security Advisories security-advisory	46	May 2, 2022
ADV-2023-004 - Authentication Bypass in Netwrix Usercube Security Advisories security-advisory	75	September 26, 2023