Netwrix Auditor 
Netwrix Enterprise Auditor 
Netwrix Data Classification 
Netwrix GroupID 
Netwrix Privilege Secure 
Netwrix Endpoint Protector 
Frisco, Texas, July 6, 2023
Netwrix Statement on CVE-2022-31199
We are again advising all Netwrix Auditor customers to upgrade to version 10.5.10977.0
Netwrix, a cybersecurity vendor that makes data security easy, in response to CISA’s Cybersecurity Advisory (CSA) of July 6, 2023, is again advising all Netwrix Auditor customers to upgrade to version 10.5.10977.0 and to ensure that no Netwrix Auditor systems are exposed to the internet.
These remediation steps address a vulnerability (CVE-2022-31199) in earlier versions of Netwrix Auditor. This vulnerability may permit an attacker to execute arbitrary code on a Netwrix Auditor system that is exposed to the internet, contrary to deployment best practices. While customers whose Netwrix Auditor systems are not exposed to the internet are at low risk, all customers should upgrade to version 10.5.10977.0. Customers whose Netwrix Auditor systems are exposed to the internet should prevent access from the internet without delay.
The following is an overview of the history of the issue:
On June 6, 2022, Netwrix released version 10.5.10936.0 of Netwrix Auditor, which included a remediation for CVE-2022-31199, published a security advisory and notified customers to update Netwrix Auditor as soon as possible. Netwrix also advised customers to follow the best practice, of not exposing Netwrix Auditor systems to the internet.
On October 27, 2022, Netwrix released Netwrix Auditor version 10.5.10977.0 to address additional vectors of exploitation that were discovered during an internal security review. Customers were advised to upgrade to this version.
At this time, Netwrix also learned of the first known attempt by a threat actor to exploit CVE-2022-31199 in a customer’s environment. The available evidence suggests that all the compromised systems were exposed to the internet. Netwrix promptly updated the security advisory to include the indicators of compromise (IOCs) collected by the customer and notified all other customers, consistent with best security practices. On December 12, 2022, Netwrix updated the advisory to reflect additional evidence of the same threat actor’s attempts to exploit the vulnerability.
about netwrix corporation
Netwrix champions cybersecurity to ensure a brighter digital future for any organization. Netwrix's innovative solutions safeguard data, identities, and infrastructure reducing both the risk and impact of a breach for more than 13,500 organizations across 100+ countries. Netwrix empowers security professionals to face digital threats with confidence by enabling them to identify and protect sensitive data as well as to detect, respond to, and recover from attacks.
For more information, visit www.netwrix.com.
contact us
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Media contact
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170