Format string

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file...

CVE-2015-0988

Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file...

CVE-2015-0988

CVE-2015-0988 affects Omron CX-One CX-Programmer (before 9.6). Root cause: passwords stored in a recoverable format in project/source files (and on CF cards), allowing local users to obtain sensitive information by reading files. Mitigation: upgrade to CX-Programmer 9.6 and CJ2M PLC 2.1 / CJ2H PL...

CVE-2015-1015

CVE-2015-1015 affects Omron CX-One CX-Programmer (prior to v9.6) and CJ2M (prior to v2.1) / CJ2H PLC devices (prior to v1.5). The issue is storing passwords in a recoverable/reversible format in object files on Compact Flash, enabling local users to read sensitive information from files. Impact i...

Siemens ProcessSuite and Invensys Intouch Poorly Encrypted Password File

Overview This advisory provides mitigation details for a vulnerability that impacts Siemens ProcessSuite and Invensys Wonderware InTouch products. Researcher Seth Bromberger of NCI Security, LLC and independent researcher Slade Griffin have identified an insecure password storage vulnerability in...

Проблемы с WinVNC

Создаваемый ключ в реестре содержит пароли администрирования и позволяет редактирование пользователем. Пароли хранятся в обратимом виде...