Primary

Context

Sage 200 Spain SMB Forced Authentication Vulnerability Allowing NTLMv2-SSP Hash Retrieval

Vulnerability

Patched

A vulnerability exists in Sage 200 Spain versions prior to 2025.35.000, allowing authenticated attackers with administrator privileges to exploit SMB forced authentication. By altering any file path to a UNC path that points to a server controlled by the attacker, the NTLMv2-SSP hash can be obtained.

Impact

Exploitation of this vulnerability allows for the retrieval of NTLMv2-SSP hashes, which could be used in pass-the-hash attacks or to gain unauthorized access to resources.

Remediation

Users can upgrade to Sage 200 Spain version 2025.35.000 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sage 200 Spain SMB Forced Authentication Vulnerability Allowing NTLMv2-SSP Hash Retrieval

Vulnerability

Impact

Remediation

Affected Products

Sage 200 Spain

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating