FortiClient Vulnerability

Mobatek MobaXterm CVE-2019-7690 Information Disclosure Vulnerability

Description

In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Passwordless Authentication that has a Password Protected SSH Private Key.

Affected Applications

MobaXterm

CVE References

CVE-2019-7690

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7690

ID	2504
Created	May 12, 2021
Description Updated	Nov 07, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Mobatek
Patch	manual
Application	MobaXterm

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Mobatek MobaXterm CVE-2019-7690 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Mobatek MobaXterm CVE-2019-7690 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center