Venki Supravizio BPM NTLM Hash Leak Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability in Venki Supravizio BPM versions through 18.0.1 allows authenticated attackers with Application Administrator access to leak NTLM hashes, potentially leading to privilege escalation on the underlying host system.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation on the host system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 7.5
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.