2 matches found
CVE-2022-26660
CVE-2022-26660 affects RunAsSpc 4.0. The root cause is a universal and recoverable encryption key used to protect credentials, enabling the recovery of credentials from a file encrypted by RunAsSpc. Impact stated: an attacker who gains access to an encrypted RunAsSpc file can recover the credenti...
CVE-2019-10239
CVE-2019-10239 affects Robotronic RunAsSpc 3.7.0.0. The root cause is insufficient protection of stored credentials, enabling locally authenticated attackers under the same user context to obtain cleartext credentials from the stored account. The NVD entry records a low base score (CVSS2: 2.1, LO...