| |
Vulnerability CVE-2023-3395
Published: 2023-07-03
| Description: |
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.
|
Type:
CWE-256 (Plaintext Storage of a Password)
References: |
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
