CVE-2025-3426 Information

Description

We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically the app’s code is not obfuscated and no measures are in place to protect against decompilation disassembly or debugging. As a result attackers can reverse-engineer the application to gain insights into its internal workings which can potentially lead to the discovery of sensitive information business logic flaws and other vulnerabilities. Utilizing this flaw the attacker was able to identify the Hardcoded credentials from PortalUsersDatabase.dll which contains .NET remoting definition. Inside the namespace PortalUsersDatabase the class Users contains the functions CreateAdmin and CreateService that are used to initialize accounts in the Portal service. Both CreateAdmin and CreateService functions contain a hardcoded encrypted password along with its respective salt that are set with the function SetInitialPasswordAndSalt. This issue affects IntelliSpace Portal: 12 and prior; Advanced Visualization Workspace: 15.

Reference

https://www.cve.org/CVERecord?id=CVE-2025-3426