CVE-2024-45165
CVE-2024-45165 affects UCI IDOL 2 (IDOL2) up to version 2.12. The issue is that the client–server encryption uses a static, hardcoded key derived from the string “(c)2007 UCI Software GmbH B.Boll.” This enables an attacker with access to the messages to decrypt and re-encrypt traffic, enabling pa...