PT-2020-9560 · Adrem · Adrem Netcrunch

Author: Fabio Poloni

Published: 2020-12-16 · Updated: 2020-12-17

CVE-2019-14482

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerable Software and Affected Versions: AdRem NetCrunch version 10.6.0.4587
Description: The NetCrunch web client ships with a hardcoded SSL private key. When no customer-specific SSL certificate has been installed, this same key and certificate are used across different customers' installations. As a result, a remote attacker who has obtained the key from any one installation can defeat the TLS protection of every other installation still using the default certificate, impersonating the web client's endpoint or decrypting its traffic.
Recommendations: For AdRem NetCrunch version 10.6.0.4587, replace the hardcoded SSL private key and certificate with a certificate and key generated uniquely for each installation, so that the shared default key is no longer in use. Until a proper SSL certificate is installed, restrict network access to the NetCrunch web client.

Weakness Enumeration

Using Hardcoded Credentials

Related Identifiers

CVE-2019-14482

Affected Products

Adrem Netcrunch