CVE-2025-32874

An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and the IV from a fixed, hardcoded input by using a static salt value. As a result, identical plaintext inputs always produce identical ciphertext outputs. This is true for both FIPS and non-FIPS generated passwords. In other words, there is a cryptographic implementation flaw in the password encryption mechanism. Although there are multiple encryption methods grouped under FIPS and non-FIPS classifications, the logic consistently results in predictable and reversible encrypted outputs due to the lack of per-operation randomness and encryption authentication.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 0.8 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://codykretsinger.com
https://galacticadvisors.com
https://www.galacticadvisors.com/release/critical-vulnerabilities-in-network-detective/
https://www.galacticadvisors.com/release/cve/

Configurations

No configuration.

History

24 Nov 2025, 16:15

Type	Values Removed	Values Added
CWE	~~CWE-311~~	CWE-326
CVSS	v2 : ~~unknown~~ v3 : ~~7.4~~	v2 : unknown v3 : 7.5

Information

Published : 2025-07-16 15:15

Updated : 2025-11-24 16:15

NVD link : CVE-2025-32874

Mitre link : CVE-2025-32874

CVE.ORG link : CVE-2025-32874

JSON object : View

Products Affected

No product.

CWE

CWE-326

Inadequate Encryption Strength

{"id": "CVE-2025-32874", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.8}]}, "published": "2025-07-16T15:15:26.290", "references": [{"url": "https://codykretsinger.com", "source": "[email protected]"}, {"url": "https://galacticadvisors.com", "source": "[email protected]"}, {"url": "https://www.galacticadvisors.com/release/critical-vulnerabilities-in-network-detective/", "source": "[email protected]"}, {"url": "https://www.galacticadvisors.com/release/cve/", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and the IV from a fixed, hardcoded input by using a static salt value. As a result, identical plaintext inputs always produce identical ciphertext outputs. This is true for both FIPS and non-FIPS generated passwords. In other words, there is a cryptographic implementation flaw in the password encryption mechanism. Although there are multiple encryption methods grouped under FIPS and non-FIPS classifications, the logic consistently results in predictable and reversible encrypted outputs due to the lack of per-operation randomness and encryption authentication."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Kaseya Rapid Fire Tools Network Detective hasta la versi\u00f3n 2.0.16.0. Existe una vulnerabilidad en la clase EncryptionUtil debido a que el cifrado sim\u00e9trico se implementa de forma determinista y no aleatoria. El m\u00e9todo Encrypt(byte[] clearData) deriva tanto la clave de cifrado como el IV de una entrada fija y codificada mediante un valor de sal est\u00e1tico. Como resultado, las entradas de texto plano id\u00e9nticas siempre producen salidas de texto cifrado id\u00e9nticas. Esto aplica tanto para contrase\u00f1as generadas con FIPS como sin FIPS. En otras palabras, existe una falla de implementaci\u00f3n criptogr\u00e1fica en el mecanismo de cifrado de contrase\u00f1as. Si bien existen m\u00faltiples m\u00e9todos de cifrado agrupados bajo las clasificaciones FIPS y sin FIPS, la l\u00f3gica resulta consistentemente en salidas cifradas predecibles y reversibles debido a la falta de aleatoriedad por operaci\u00f3n y autenticaci\u00f3n de cifrado."}], "lastModified": "2025-11-24T16:15:48.897", "sourceIdentifier": "[email protected]"}