CVE-2019-9565

Published: Mar 4, 2019

Modified: Sep 16, 2024

PUBLISHED

Description

Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word, Outlook, etc. This occurs because the product attempts to access a share with the PLUG-INS subdomain name; an attacker may be able to use Active Directory Domain Services to register that name.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gosecure.net/2019/02/20/abusing-unsafe-defaults-in-active-directory/

x_refsource_MISC

https://www.druide.com/en/news/security-improvement-antidote-windows

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-9565

Description

Affected Products

References