virus logo FortiClient Vulnerability

Robware RVTools CVE-2020-27688 Information Disclosure Vulnerability

description-logoDescription

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The accounts used in the configuration files have access to vSphere instances.

affected-products-logoAffected Applications

RVTools

CVE References

CVE-2020-27688

Other References

https://nvd.nist.gov/vuln/detail/CVE-2020-27688
ID 2408
Created Oct 07, 2021
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Robware
Patch manual
Application RVTools