CVE-2025-34180

Unknown Unknown - Not Provided

Reversible Key Exposure in NetSupport Manager Enables Unauthorized Access

Publication date: 2025-12-15

Last updated on: 2025-12-15

Assigner: VulnCheck

Description

NetSupport Manager < 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored value to recover the plaintext Gateway Key. Possession of the Gateway Key allows unauthorized access to NetSupport Manager connectivity services and enables remote control of systems managed through the same key.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-12-15

Last Modified

2025-12-15

Generated

2026-06-16

AI Q&A

2025-12-15

EPSS Evaluated

2026-06-15

NVD

CVE-2025-34180

EUVD

EUVD-2025-203379

Affected Vendors & Products

Vendor	Product	Version / Range
netsupport	netsupport_manager	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-257	The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.

CWE ID

Description

CWE-257

The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.

Attack-Flow Graph

Executive Summary

CVE-2025-34180 is a vulnerability in NetSupport Manager versions prior to 14.12.0001 where the Gateway Key used for authentication between Manager/Control, Client, and Connectivity Server components is stored using a reversible encoding scheme. This means an attacker who obtains access to a deployed client configuration file can decode the stored value to recover the plaintext Gateway Key. With this key, the attacker can gain unauthorized access to NetSupport Manager connectivity services and remotely control systems managed with the same key. [2]

Impact Analysis

If exploited, this vulnerability allows an attacker to recover the plaintext Gateway Key from a client configuration file, enabling unauthorized access to NetSupport Manager connectivity services. This unauthorized access can lead to remote control of systems managed through the compromised Gateway Key, potentially resulting in loss of confidentiality, integrity, and availability of those systems. [2]

Detection Guidance

Detection involves identifying deployed NetSupport Manager client configuration files that contain the Gateway Key stored with reversible encoding. You can locate these configuration files (such as Client32u.ini) on client systems and inspect the Gateway Key field. Since the key is reversibly encoded, decoding scripts or tools can be used to check if the stored key is in the vulnerable format. Specific commands are not provided in the resources, but searching for the configuration files and examining the Gateway Key entries is the recommended approach. [2, 1]

Mitigation Strategies

Immediately upgrade all NetSupport Manager components (Gateways, Controls, and Clients) to version 14.12.0001, which replaces the weak reversible encoding with AES encryption for the Gateway Key. After updating, if you suspect the Gateway Key has been compromised, generate and apply a new Gateway Key and migrate all Clients and Controls to use the new key. Additionally, update any Active Directory or Intune policies that assign Gateway connection details to replace old encrypted Gateway Key values with the new AES-encrypted keys. Follow the installation and policy update instructions provided by NetSupport to ensure secure deployment. [1]

Compliance Impact

The provided resources do not explicitly discuss the impact of CVE-2025-34180 on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows unauthorized access to systems through recovery of the plaintext Gateway Key, it could potentially lead to unauthorized data access or control, which may violate data protection and privacy requirements under such regulations. No direct statements or guidance on compliance impact are given. [1, 2, 3]

Hi! I’m here to help you understand CVE-2025-34180. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2025-34180

Reversible Key Exposure in NetSupport Manager Enables Unauthorized Access

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart