CVE-2025-29745
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-05

Last updated on: 2025-08-05

Assigner: MITRE

Description
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S (Emsisoft Custom Scan) extension file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-05
Last Modified
2025-08-05
Generated
2026-05-07
AI Q&A
2025-08-05
EPSS Evaluated
2026-05-05
NVD
CVE-2025-29745
EUVD
EUVD-2025-23622
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
emsisoft anti-malware 2024.9.0.12546
emsisoft anti-malware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Emsisoft Anti-Malware prior to version 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information by using a specially crafted A2S (Emsisoft Custom Scan) extension file. Essentially, the software improperly handles these files, leading to the exposure of authentication hashes. [1]


How can this vulnerability impact me? :

The vulnerability can lead to the disclosure of Net-NTLMv2 hashes, which are authentication credentials. An attacker who obtains these hashes could potentially use them to impersonate users or gain unauthorized access to systems, compromising security. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart