Frisco, Texas, July 6, 2023

Netwrix Statement on CVE-2022-31199

We are again advising all Netwrix Auditor customers to upgrade to version 10.5.10977.0

Netwrix, a cybersecurity vendor that makes data security easy, in response to CISA’s Cybersecurity Advisory (CSA) of July 6, 2023, is again advising all Netwrix Auditor customers to upgrade to version 10.5.10977.0 and to ensure that no Netwrix Auditor systems are exposed to the internet.

These remediation steps address a vulnerability (CVE-2022-31199) in earlier versions of Netwrix Auditor. This vulnerability may permit an attacker to execute arbitrary code on a Netwrix Auditor system that is exposed to the internet, contrary to deployment best practices. While customers whose Netwrix Auditor systems are not exposed to the internet are at low risk, all customers should upgrade to version 10.5.10977.0. Customers whose Netwrix Auditor systems are exposed to the internet should prevent access from the internet without delay.

The following is an overview of the history of the issue:

On June 6, 2022, Netwrix released version 10.5.10936.0 of Netwrix Auditor, which included a remediation for CVE-2022-31199, published a security advisory and notified customers to update Netwrix Auditor as soon as possible. Netwrix also advised customers to follow the best practice, of not exposing Netwrix Auditor systems to the internet.

On October 27, 2022, Netwrix released Netwrix Auditor version 10.5.10977.0 to address additional vectors of exploitation that were discovered during an internal security review. Customers were advised to upgrade to this version.

At this time, Netwrix also learned of the first known attempt by a threat actor to exploit CVE-2022-31199 in a customer’s environment. The available evidence suggests that all the compromised systems were exposed to the internet. Netwrix promptly updated the security advisory to include the indicators of compromise (IOCs) collected by the customer and notified all other customers, consistent with best security practices. On December 12, 2022, Netwrix updated the advisory to reflect additional evidence of the same threat actor’s attempts to exploit the vulnerability.

about netwrix corporation

Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

For more information, visit

contact us

Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.

Media contact

Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170

Follow us