Martin Lemay

**Name of the Vulnerable Software and Affected Versions** Druide Antidote RX, HD versions 8 before 8.05.2287 Druide Antidote RX, HD versions 9 before 9.5.3937 Druide Antidote RX, HD versions 10 before 10.1.2147 **Description** The issue allows remote attackers to steal NTLM hashes or perform SMB relay attacks when the product is launched directly or indirectly via integrations like Chrome, Firefox, Word, or Outlook. This occurs because the product attempts to access a share with the PLUG-INS subdomain name, which an attacker may be able to register using Active Directory Domain Services. **Recommendations** For versions 8 before 8.05.2287, update to version 8.05.2287 or later to resolve the issue. For versions 9 before 9.5.3937, update to version 9.5.3937 or later to resolve the issue. For versions 10 before 10.1.2147, update to version 10.1.2147 or later to resolve the issue.