Carlo Di Dato

**Name of the Vulnerable Software and Affected Versions** TSplus Remote Access versions through 16.0.2.14 **Description** An issue was discovered where credentials are stored as cleartext within the HTML source code of the login page. **Recommendations** For versions through 16.0.2.14, consider disabling the login page functionality until a patch is available to prevent cleartext credential exposure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Inosoft VisiWin versions 7 through 2022-2.1 **Description** An issue was discovered in the "%PROGRAMFILES(X86)%INOSOFT GmbH" folder, which has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. **Recommendations** For versions 7 through 2022-2.1, update to version 2024-1 to resolve the issue. As a temporary workaround, consider restricting access to the "%PROGRAMFILES(X86)%INOSOFT GmbH" folder to prevent an attacker from inserting malicious files.

**Name of the Vulnerable Software and Affected Versions** TSplus Remote Access versions through 16.0.2.14 **Description** An issue was discovered in TSplus Remote Access where some directories under %PROGRAMFILES(X86)%TSplusClientswww have Full Control permissions for Everyone. **Recommendations** For versions through 16.0.2.14, restrict access to the directories under %PROGRAMFILES(X86)%TSplusClientswww to minimize the risk of exploitation by removing Full Control permissions for the Everyone group.

**Name of the Vulnerable Software and Affected Versions** TSplus Remote Access versions through 16.0.2.14 **Description** An issue was discovered in TSplus Remote Access where some directories under %PROGRAMFILES(X86)%TSplusUserDesktopthemes have Full Control permissions for Everyone. **Recommendations** For TSplus Remote Access versions through 16.0.2.14, consider restricting access to the affected directories under %PROGRAMFILES(X86)%TSplusUserDesktopthemes to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OutSystems Service Studio version 11.53.30 build 61739 **Description** A DLL hijacking issue has been discovered. When a user opens a .oml file, the application loads DLLs from the same directory, including `av libGLESv2.dll`, `libcef.DLL`, `user32.dll`, and `d3d10warp.dll`. Using a crafted DLL, it is possible to execute arbitrary code in the context of the current logged-in user. **Recommendations** For OutSystems Service Studio version 11.53.30 build 61739, consider disabling the loading of DLLs from the same directory as a temporary workaround until a patch is available. Restrict access to the vulnerable DLLs to minimize the risk of exploitation. Avoid using the affected .oml file handling functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CODESYS Development System versions 3.5.17.0 through 3.5.19.20 **Description** A vulnerability in the CODESYS Development System allows for the execution of binaries from the current working directory in the user's context. **Recommendations** For versions 3.5.17.0 through 3.5.19.20, update to a version later than 3.5.19.20 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung SmartViewer (affected versions not specified) **Description** The issue is related to the improper initialization of a variable in the STWConfig ActiveX control, which allows remote attackers to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4 through 6 SP1 Description: A remote code execution issue exists due to improper validation of parameters during calls to navigation methods. This allows attackers to execute arbitrary code via a crafted HTML document, triggering memory corruption. An attacker could exploit this by constructing a specially crafted Web page, potentially gaining the same user rights as the logged-on user when a user views the Web page. Recommendations: For Microsoft Internet Explorer versions 5.01 SP4 and 6 SP1, consider disabling navigation methods until a patch is available. Restrict access to specially crafted Web pages to minimize the risk of exploitation. Avoid using Internet Explorer to view untrusted Web pages until the issue is resolved.