CVE-2025-46660
📋 TL;DR
This vulnerability in 4C Strategies Exonaut 21.6 allows attackers to more easily crack user passwords if they gain access to the database, since passwords are hashed without cryptographic salt. This affects all organizations using the vulnerable version of Exonaut for training and exercise management.
💻 Affected Systems
- 4C Strategies Exonaut
📦 What is this software?
Exonaut by 4C Strategies, a platform for training and exercise management.
⚠️ Risk & Real-World Impact
Worst Case
Attackers with database access could crack all user passwords offline using rainbow tables or brute force, leading to complete account compromise and potential lateral movement.
Likely Case
If database backups or exports are exposed, attackers could crack weak passwords to gain unauthorized access to user accounts.
If Mitigated
With proper database security controls and strong password policies, the risk is reduced but still present if database access is obtained.
🎯 Exploit Status
Exploitation requires read access to the database (or to a backup or export) first; offline password cracking tools can then be run against the unsalted hashes. Because no salt is used, every guess can be compared against all users' hashes at once and precomputed tables apply directly.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: A version later than 21.6 (check with the vendor for the specific version)
Vendor Advisory: https://www.4cstrategies.com/solutions/exonaut/
Restart Required: No
Instructions:
1. Contact 4C Strategies for the patched version.
2. Upgrade Exonaut to a version with salted password hashing.
3. Force password resets for all users so that new salted hashes are generated.
🔧 Temporary Workarounds
Enforce Strong Password Policy
Require complex, long passwords to make brute-force attacks more difficult even without a salt.
🧯 If You Can't Patch
- Implement database encryption at rest and strict access controls to prevent unauthorized database access.
- Enable multi-factor authentication to add an additional layer of security beyond passwords.
🔍 How to Verify
Check if Vulnerable:
Check Exonaut version in administration panel or configuration files. Version 21.6 is vulnerable.
Check Version:
Check Exonaut web interface administration panel or configuration files for version information.
Verify Fix Applied:
After the upgrade, verify that password hashes in the database include a per-user salt and that two users who share the same password no longer have identical hashes.
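The following is an added example, not code from the advisory or from 4C Strategies, showing why the verification step above works: with an unsalted hash, users who share a password get byte-identical rows, while a per-user salt makes them differ. The storage format `algo$iterations$salt$hash` and the sample rows are assumptions constructed for illustration; Exonaut's real hash format is not described on this page.

```python
import base64
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample table (username, stored_hash); not real Exonaut data.
# "alice" and "carol" share the password "Winter2025!" and, because the
# store is unsalted SHA-256, they end up with identical hashes.
UNSALTED_ROWS = [
    ("alice", hashlib.sha256(b"Winter2025!").hexdigest()),
    ("bob",   hashlib.sha256(b"correct horse").hexdigest()),
    ("carol", hashlib.sha256(b"Winter2025!").hexdigest()),
]


def hash_salted(password: str, iterations: int = 600_000) -> str:
    """Salted PBKDF2-HMAC-SHA256 in an assumed 'algo$iter$salt$hash' layout."""
    salt = os.urandom(16)                      # fresh random salt per user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def verify_salted(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    _algo, iters, salt_b64, digest_b64 = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), base64.b64decode(salt_b64), int(iters))
    return hmac.compare_digest(digest, base64.b64decode(digest_b64))


def duplicate_hashes(rows):
    """Return {hash: [users]} for every hash shared by more than one user."""
    by_hash = defaultdict(list)
    for user, h in rows:
        by_hash[h].append(user)
    return {h: users for h, users in by_hash.items() if len(users) > 1}


def looks_salted(stored: str) -> bool:
    """Heuristic: a bare 32/40/64-char hex string is a raw MD5/SHA-1/SHA-256 with no salt field."""
    bare_hex = len(stored) in (32, 40, 64) and all(
        c in "0123456789abcdef" for c in stored.lower())
    return not bare_hex
```

Run `duplicate_hashes` over an export of the credential table before and after the upgrade: shared hashes after the upgrade mean salting is still not in effect.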
📡 Detection & Monitoring
Log Indicators:
- Unusual database access patterns
- Multiple failed login attempts from new locations
Network Indicators:
- Unexpected database connection attempts
- Large data exports from database
SIEM Query:
source="database_logs" AND (event="unauthorized_access" OR event="mass_data_export")