Executive Summary
Internal security scanning identified a denial of service vulnerability in a third-party package that may be reachable in Netwrix Threat Prevention.
While Netwrix is unaware of any current exploitation of this vulnerability, all Netwrix Threat Prevention customers are advised to apply the available update immediately.
Vulnerability
Title | Affected Component | Affected Versions | CVSS 4.0 Score | CVSS 3.1 Score (Base / Temporal) | Description |
---|---|---|---|---|---|
Denial of Service (DOS) (CVE-2024-30172) | Netwrix Threat Prevention Server | >=1.0.0.0 <7.5.0.242 | 7.1 | 6.5 / 5.7 | Netwrix Threat Prevention utilizes the BouncyCastle C# .NET library for certain cryptographic operations. BouncyCastle C# .NET prior to 2.3.1 contains an infinite loop vulnerability. An attacker who is in possession of certain secrets may be able to exploit this vulnerability to perform a Denial of Service (DOS) attack on Netwrix Threat Prevention Server. |
Exploitability
Factors such as whether details about the vulnerability are publicly known, whether an exploit is readily available, or whether adversaries are actively exploiting the vulnerability are valuable in making risk-based judgments about urgency and priority; customers should use the information below in making those decisions.
Title | Publicly known? | Exploit available? | Actively exploited? |
---|---|---|---|
Denial of Service (DOS) | No | No | No |
Solution
All Netwrix Threat Prevention customers are advised to update Netwrix Threat Prevention Server to version 7.5.0.242 or later as soon as possible.
Instructions for the Netwrix Threat Prevention upgrade process can be found in this help center article.
Please contact the Netwrix technical support team should you need assistance.
Official Fixes
Updated software has been released containing official fixes for the vulnerabilities as indicated in the table below.
Title | Version |
---|---|
Denial of Service (DOS) | 7.5.0.242 |
FAQ
- How do I determine which version of Netwrix Threat Prevention Server is in use?
  The version of the Netwrix Threat Prevention Server and Administration Console is available by navigating to Help -> About Netwrix Threat Prevention Administration Console in the Administration Console.
Revisions
Updates to this advisory may be made as necessary. Information about each change will be published in the table below.
Revision | Date | Description |
---|---|---|
1 | 2025-10-20T12:00:00Z | First published |
Disclaimer
The information and materials included in or linked to this Security Advisory are provided on an “as-is” basis and without warranty of any kind, and we disclaim all representations and warranties of any kind, whether express or implied, including warranties of merchantability and fitness for a particular use. You acknowledge and agree that your use of the information and materials included in or linked to this Security Advisory is at your own risk.