
Red Timmy Sec

#25688 of 53,634
9.8 total CVSS
Vulnerabilities · 1
PT-2019-18725
9.8
2019-04-05
Nice · Nice Engage · CVE-2019-7727
**Name of the Vulnerable Software and Affected Versions**

NICE Engage versions prior to 6.6

**Description**

The issue concerns the default configuration of NICE Engage, where an unauthenticated JMX/RMI interface is bound to all network interfaces without restrictions on MBean registration. This allows remote attackers to execute arbitrary code via the RMI protocol using the JMX connector. The observed affected TCP port is 6338, but other ports could be vulnerable based on the product's configuration.

**Recommendations**

For versions prior to 6.6, restrict access to the JMX/RMI interface by binding it to a specific network interface or limiting MBean registration to prevent remote code execution. As a temporary workaround, consider disabling the JMX/RMI interface until a patch is available. Restrict access to the affected TCP port, which is observed to be 6338, to minimize the risk of exploitation.