CVE-2025-3426

Published Apr 7, 2025

Last updated 2 months ago

Overview

Description: We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-engineer the application to gain insights into its internal workings, which can potentially lead to the discovery of sensitive information, business logic flaws, and other vulnerabilities. Utilizing this flaw, the attacker was able to identify the Hardcoded credentials from PortalUsersDatabase.dll, which contains .NET remoting definition. Inside the namespace PortalUsersDatabase, the class Users contains the functions CreateAdmin and CreateService that are used to initialize accounts in the Portal service. Both CreateAdmin and CreateService functions contain a hardcoded encrypted password along with its respective salt that are set with the function SetInitialPasswordAndSalt. This issue affects IntelliSpace Portal: 12 and prior; Advanced Visualization Workspace: 15.
Source: 20705f08-db8b-4497-8f94-7eea62317651
NVD status: Awaiting Analysis

Type: Secondary
Base score: 7.2
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Green
Severity: HIGH

Sources include official advisories and independent security research.