CVE-2025-34180

Name of the Vulnerable Software and Affected Versions NetSupport Manager versions prior to 14.12.0001

Description NetSupport Manager relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. This key is stored using a reversible encoding scheme. An attacker gaining access to a deployed client configuration file can decode the stored value to recover the plaintext Gateway Key. Possession of the Gateway Key allows unauthorized access to NetSupport Manager connectivity services and enables remote control of systems managed using the same key.

Recommendations Update NetSupport Manager to version 14.12.0001 or later.