ManageEngine ADManager Plus NTLM Hash Exposure Vulnerability

Vulnerability

A vulnerability allowing NTLM hash exposure has been identified in ManageEngine ADManager Plus versions prior to 8025. This issue affects the service account configured in ADManager Plus, exposing its NTLM hash to authorized technicians. The vulnerability is exploitable only by technicians with the 'Impersonate as Admin' option enabled.

Impact

Technicians with the 'Impersonate as Admin' option enabled could retrieve the NTLM hash of a service account, potentially leading to unauthorized access or privilege escalation.

Remediation

Users are advised to update their ADManager Plus instance to the latest build by installing the available service pack.

Added: Dec 15, 2025, 11:20 AM
Updated: Dec 15, 2025, 7:05 PM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 2.5
exploitability: 4.4
remediation: 7.7
relevance: 1.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.