GN-SA-2023-001: Genian NAC - Multiple Vulnerabilities


  • Aug 15, 2023


  • High


The following vulnerabilities were identified related to the Genian Update server(s):

  • Unauthorized Transmission Data Storage Vulnerability
  • Unauthorized Data Tampering Vulnerability
  • Unauthorized Script Execution Vulnerability
  • Unauthorized Setting (network sensor password change) Vulnerability


Server side actions were taken to mitigate threats, however, customers running the version(s) mentioned below are advised to update to the fixed version(s) as soon as possible. Not updating may leave customers vulnerable as well as prevent customer policy servers from obtaining the latest updates from the Genian Update server infrastructure.

Affected Products

  • Genian NAC 5.0.42 LTS (Revision 117460 or lower)
  • Genian NAC 5.0.54 or lower
  • Genian ZTNA 6.0.15 or lower

Affected Components

  • Policy Server
  • Network Sensor
  • Agent


The vulnerabilities contained in this advisory can be addressed by upgrading to version listed below:

  • Genian NAC 5.0.42 LTS (Revision 117461 or higher)
  • Genian NAC 5.0.55 or higher
  • Genian ZTNA 6.0.16 or higher


  • None