Medium Published: Dec 15, 2025

CVE-2025-11670

6.4 CVSS Score Medium

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Export CVE-2025-11670 Data:

Link copied!

Description

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.
This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Changed

Confidentiality Low

Integrity Low

Availability None

Weaknesses (CWE)

CWE-200

References & External Links

https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-11670.html

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker