CVE-2023-3395 Information

Description

?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory including sensitive information associated with document such as password. The attacker could then obtain the plaintext password by using a memory viewer.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03