CVE-2023-44303 Information

Description

RVTools Version 3.9.2 and above contain a sensitive data exposure vulnerability in the password encryption utility (RVToolsPasswordEncryption.exe) and main application (RVTools.exe). A remote unauthenticated attacker with access to stored encrypted passwords from a users’ system could potentially exploit this vulnerability leading to the disclosure of encrypted passwords in clear text. This vulnerability is caused by an incomplete fix for CVE-2020-27688.

Reference

https://www.dell.com/support/kbdoc/en-us/000219712/dsa-2023-426-security-update-for-rvtools-vulnerabilities