CVE-2025-11670

Published Dec 15, 2025

Last updated 3 months ago

CVSS medium 6.4

Overview

Description
Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.  This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
Source
0fc0942c-577d-436f-ae8e-945763c79b02
NVD status
Analyzed
Products
manageengine_admanager_plus

Risk scores

CVSS 3.1

Type
Primary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

0fc0942c-577d-436f-ae8e-945763c79b02
CWE-200
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. CVE-2025-11670 NTLM Hash Exposure Vulnerability in ManageEngine ADManager Plus Before 8025 https://t.co/9w2642TWVG

    @VulmonFeeds

    15 Dec 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.CVE-2025-10020
  2. Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.CVE-2024-24409
  3. Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.CVE-2024-48878
  4. Zoho ManageEngine Multiple Products Remote Code Execution VulnerabilityCVE-2022-47966
  5. /LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted.CVE-2017-17552

References

Sources include official advisories and independent security research.