RightFax Security Alert: CVE-2025-15610 .NET Remoting Vulnerability - Critical Patch Required

OpenText Security Alert - .NET Remoting Vulnerability in RightFax (CVE-2025-15610)

Affected Products: RightFax (all versions), OpenText Fax CE (all versions)

Severity: Critical (CVSS 9.3)

CVE Reference: CVE-2025-15610

Published: April 14, 2026

Summary

OpenText has identified critical security vulnerabilities in the .NET Remoting framework used by RightFax. The vulnerabilities allow unauthenticated attackers to execute arbitrary code, read/write files, and perform SMB coercion attacks if RightFax ports 34001 and 34002 are accessible from untrusted networks.

Impact

Successful exploitation could allow an attacker to:

  • Execute remote code (RCE) on the RightFax server
  • Read or write arbitrary files on the server
  • Perform Server Message Block (SMB) coercion attacks

Affected Ports

  • TCP 34001 — Remoting WebApi Connections
  • TCP 34002 — Remoting WebApi Connections (secondary)

These ports are used by the RightFax Remoting Service for client-to-server API communication and server-to-server communication in Shared Services environments.

Immediate Mitigation

Block inbound connections on TCP ports 34001 and 34002 at your firewall.

Standard Configuration (Single RightFax Server)

If all RightFax components are installed on a single server, block ports 34001 and 34002 at your perimeter firewall. This will not impact normal RightFax operations.

Shared Services or Remote IIS Configuration

If RightFax Web Admin, FaxUtil Web, or IIS components are installed on a separate server from the RightFax Application Server:

  • Block ports 34001 and 34002 at your perimeter firewall (internet-facing)
  • Allow ports 34001 and 34002 between internal RightFax servers

WARNING: Blocking these ports completely in a Shared Services or remote IIS environment will break communication between RightFax servers.

Verification Steps

Check External Exposure

From an external network (home or mobile connection, with any VPN disconnected):

telnet <RightFax_public_IP> 34001
telnet <RightFax_public_IP> 34002

Expected: Connection refused or timeout (firewall blocking)

If connection succeeds: Ports are exposed — immediate action required

Check Windows Firewall Rules

  1. Open Windows Defender Firewall → Advanced Settings → Inbound Rules
  2. Look for rules allowing TCP 34001 and 34002
  3. Check "Remote Address" column — should be "LocalSubnet" or specific internal IPs, NOT "Any"
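
The same rule review can be scripted. The PowerShell below is an added example, not OpenText or Ingenium tooling; it assumes the built-in NetSecurity cmdlets and an elevated session on the RightFax server, and the helper name Test-PortMatch is hypothetical.

```powershell
# Added example: list enabled inbound Allow rules that cover TCP 34001/34002
# and flag those whose Remote Address is "Any".
# ActiveStore is the effective policy (local rules plus Group Policy rules).
$ports = 34001, 34002

function Test-PortMatch {
    # Hypothetical helper: does a rule's LocalPort list cover $Port?
    param([string[]]$LocalPort, [int]$Port)
    foreach ($entry in $LocalPort) {
        if ($entry -eq 'Any') { return $true }
        if ($entry -match '^(\d+)-(\d+)$') {
            # Port range such as 34000-34010
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif ($entry -match '^\d+$' -and [int]$entry -eq $Port) {
            return $true
        }
        # Keywords such as RPC or IPHTTPSIn never match a fixed port
    }
    return $false
}

$rules = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Action Allow -Enabled True

$findings = foreach ($rule in $rules) {
    $pf = $rule | Get-NetFirewallPortFilter
    if ($pf.Protocol -notin 'TCP', 'Any') { continue }

    $hit = $ports | Where-Object { Test-PortMatch -LocalPort $pf.LocalPort -Port $_ }
    if (-not $hit) { continue }

    $af  = $rule | Get-NetFirewallAddressFilter
    $app = $rule | Get-NetFirewallApplicationFilter

    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        Ports         = ($hit -join ',')
        Program       = $app.Program
        RemoteAddress = ($af.RemoteAddress -join ',')
        # "Any" means the rule is not limited to LocalSubnet or named internal IPs
        AnyRemote     = ($af.RemoteAddress -contains 'Any')
    }
}

$findings | Sort-Object AnyRemote -Descending | Format-Table -AutoSize -Wrap
```

Rules reported with AnyRemote = True are the ones to restrict to LocalSubnet or specific internal IPs. Rules scoped to a program (Program column) apply only to that executable, so review them against the RightFax Remoting Service specifically.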

Patch Status

OpenText is developing patches for the following RightFax versions:

  • 16.6
  • 20.2
  • 21.2
  • 22.2
  • 23.4
  • 24.4
  • 25.4

Target completion: End of April 2026

Subscribe to OpenText Knowledge Base article KB0775259 to receive patch notifications.

Additional Information

OpenText KB Article: https://support.opentext.com/csm?id=kb_article&sysparm_article=KB0775259

Microsoft .NET Remoting Status: .NET Remoting is a legacy technology that Microsoft has deprecated. No Microsoft patch is available or planned. Mitigation relies on network-level controls (firewall rules) until OpenText releases application-level patches.

Support

For assistance verifying your RightFax configuration or implementing firewall rules, contact Ingenium Support:

Email: support@ingeniumsw.com

Last Updated: April 14, 2026