15 matches found
CVE-2020-27688
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...
Compromised RVTools Installer Spreading Bumblebee Malware
RVTools installer on its official site was found delivering malware. Research shows it spread Bumblebee loader. Users urged to verify downloads...
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement...
CVE-2023-44303
RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility RVToolsPasswordEncryption.exe and main application RVTools.exe. A remote unauthenticated attacker with access to stored encrypted passwords from a users' system could potentially...
CVE-2023-44303
RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility RVToolsPasswordEncryption.exe and main application RVTools.exe. A remote unauthenticated attacker with access to stored encrypted passwords from a users' system could potentially...
Design/Logic Flaw
RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility RVToolsPasswordEncryption.exe and main application RVTools.exe. A remote unauthenticated attacker with access to stored encrypted passwords from a users' system could potentially...
CVE-2023-44303
RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility RVToolsPasswordEncryption.exe and main application RVTools.exe. A remote unauthenticated attacker with access to stored encrypted passwords from a users' system could potentially...
CVE-2023-44303
CVE-2023-44303 affects RVTools 3.9.2 and later, exposing a sensitive data exposure through the password encryption utility (RVToolsPasswordEncryption.exe) and the main RVTools.exe. Root cause is described as an incomplete fix for CVE-2020-27688, enabling potential disclosure of encrypted password...
Robware RVTools Security Vulnerability
Robware RVTools is a virtual machine management tool organized by Robware. The software lists information about VMs, CPUs, memory, disks, partitions, networks, floppy drives, CD drives, snapshots, VMware tools, resource pools, clusters, ESX hosts, HBAs, Nics, switches, ports, distributed switches...
PT-2023-7270 · Rvtools · Rvtools
Name of the Vulnerable Software and Affected Versions: RVTools versions 3.9.2 and above Description: The issue is related to errors in cryptographic transformations, which can allow a remote attacker to gain unauthorized access to protected information. Specifically, the vulnerability in the...
CVE-2020-27688
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...
Design/Logic Flaw
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...
CVE-2020-27688
RVTools 4.0.6 is affected by CVE-2020-27688: RVToolsPasswordEncryption.exe uses a static IV and key for encryption, and the Decrypt() method in VISKD.cs within RVTools.exe can decrypt the stored passwords. This creates a risk that passwords in configuration files could be recovered by anyone with...
CVE-2020-27688
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The...
PT-2020-16764 · Robbie Van Bommel · Rvtools
Name of the Vulnerable Software and Affected Versions: RVTools version 4.0.6 Description: The issue concerns the encryption of passwords in RVTools. Specifically, the RVToolsPasswordEncryption.exe utility in RVTools 4.0.6 uses a static initialization vector IV and key for encryption. This static...