CVE-2022-31199

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details

CVE-2022-31199

Confirmed

Yes

2023-07-11 00:00 UTC

Timestamps

2023-07-11

2023-07-11

Scope

KEV entry: Netwrix Auditor Insecure Object Deserialization Vulnerability | Affected: Netwrix / Auditor | Description: Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP, which is commonly blocked by standard enterprise firewalling. | Required action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable. | Due date: 2023-08-01 | Known ransomware campaign use (KEV): Known | Notes (KEV): Patch application requires login to customer portal: https://security.netwrix.com/Account/SignIn?ReturnUrl=%2FAdvisories%2FADV-2022-003; https://nvd.nist.gov/vuln/detail/CVE-2022-31199

References
  • {'id': 'CVE-2022-31199', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-31199'}

9d84be9b-02f1-4692-a938-9055c7f50562

405284c2-e461-4670-8979-7fd2c9755a60

2026-02-02 13:24 UTC

2026-02-06 07:53 UTC

Evidence (1)
Type Source Signal Confidence Details GCVE Metadata
vendor_report cisa-kev successful_exploitation 0.80
View details 
{
  "cwes": [
    "CWE-502",
    "CWE-122"
  ],
  "date_added": "2023-07-11",
  "due_date": "2023-08-01",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Known",
  "product": "Auditor",
  "vendorProject": "Netwrix",
  "vulnerabilityName": "Netwrix Auditor Insecure Object Deserialization Vulnerability"
}
 -
Export Options
JSON Object JSON API View Full Catalog