2 matches found
CVE-2023-44303
CVE-2023-44303 affects RVTools 3.9.2 and later, exposing a sensitive data exposure through the password encryption utility (RVToolsPasswordEncryption.exe) and the main RVTools.exe. Root cause is described as an incomplete fix for CVE-2020-27688, enabling potential disclosure of encrypted password...
CVE-2020-27688
RVTools 4.0.6 is affected by CVE-2020-27688: RVToolsPasswordEncryption.exe uses a static IV and key for encryption, and the Decrypt() method in VISKD.cs within RVTools.exe can decrypt the stored passwords. This creates a risk that passwords in configuration files could be recovered by anyone with...