Name of the Vulnerable Software and Affected Versions:

Emsisoft Anti-Malware versions prior to 2024.12

Description:

A vulnerability in the scanning module of Emsisoft Anti-Malware allows attackers on a remote server to obtain Net-NTLMv2 hash information by using a specially crafted A2S (Emsisoft Custom Scan) extension file. Net-NTLMv2 is a network authentication protocol used in Windows environments.

Recommendations:

Update Emsisoft Anti-Malware to version 2024.12 or later.