StrongDM Windows Service Root Certificate Management Vulnerability

Vulnerability

A vulnerability exists in the StrongDM Windows service due to improper handling of its system certificate management communication. The flaw allows an attacker to install untrusted root certificates or remove trusted ones. The issue affects all Windows client application CLI versions prior to 47.50.0.

Impact

Exploitation of this vulnerability could lead to the unauthorized installation of root certificates, potentially allowing for man-in-the-middle attacks, or the removal of trusted certificates, disrupting secure communications.

Remediation

Users should update to StrongDM Windows client application CLI version 47.50.0 or later.
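As an added defender-side check (not part of this advisory or of StrongDM's own tooling), the PowerShell below compares a host's LocalMachine Root store against a previously saved baseline of thumbprints, so that root certificates added or removed, the two outcomes described under Impact, stand out while clients are being brought up to 47.50.0. The baseline file path is an assumption.

```powershell
# Added example, not StrongDM code. Create the baseline once on a known-good host:
#   Get-ChildItem Cert:\LocalMachine\Root |
#       Select-Object -ExpandProperty Thumbprint |
#       Set-Content C:\baseline\root-thumbprints.txt   # assumed path
# Reading the LocalMachine Root store does not require elevation.

function Compare-RootStoreBaseline {
    param(
        [Parameter(Mandatory)] [string] $BaselinePath
    )
    # Keep only well-formed SHA-1 thumbprints (40 hex characters) from the baseline.
    $baseline = Get-Content -Path $BaselinePath |
        Where-Object { $_ -match '^[0-9A-Fa-f]{40}$' } |
        ForEach-Object { $_.ToUpperInvariant() }
    $current  = Get-ChildItem -Path Cert:\LocalMachine\Root

    # Roots present now but absent from the baseline: possible untrusted installs.
    $added = $current | Where-Object { $baseline -notcontains $_.Thumbprint } |
        ForEach-Object {
            [pscustomobject]@{
                Thumbprint = $_.Thumbprint
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                NotBefore  = $_.NotBefore
                NotAfter   = $_.NotAfter
                SelfSigned = ($_.Subject -eq $_.Issuer)
            }
        }

    # Baseline roots no longer in the store: possible removal of a trusted root.
    $removed = $baseline | Where-Object { $_ -notin $current.Thumbprint }

    [pscustomobject]@{ Added = @($added); Removed = @($removed) }
}

$result = Compare-RootStoreBaseline -BaselinePath 'C:\baseline\root-thumbprints.txt'

if ($result.Added.Count -gt 0) {
    Write-Warning 'Root certificates not in baseline:'
    $result.Added | Format-Table -AutoSize
}
if ($result.Removed.Count -gt 0) {
    Write-Warning 'Baseline root certificates missing from the store:'
    $result.Removed
}
if ($result.Added.Count -eq 0 -and $result.Removed.Count -eq 0) {
    Write-Output 'Root store matches baseline.'
}
```

Legitimate software can also add roots to this store, so treat each reported difference as a lead to verify against change records rather than as proof of exploitation.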

Added: Aug 20, 2025, 5:23 PM
Updated: Aug 20, 2025, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 3.3
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.