PT-2023-22655 · mRemoteNG
Maximilian Barz
Published 2023-07-26 · Updated 2024-08-15
CVE-2023-30367
CVSS v3.1: 7.5 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
mRemoteNG versions <= 1.76.20
mRemoteNG versions <= 1.77.3-dev
Description
The issue allows attackers to access the contents of configuration files in plain text through a memory dump, thus compromising user credentials when no custom password encryption key has been set. This occurs because mRemoteNG loads configuration files into memory in plain text at application start-up, even if no connection has been established yet. This behavior bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory.
Recommendations
For mRemoteNG versions <= 1.76.20 and <= 1.77.3-dev, set a custom password encryption key so that stored user credentials are not decryptable with the default key.
As a temporary workaround, restrict access to the sensitive configuration files until a patch is available.
Weakness Enumeration
Cleartext Storage of Sensitive Information
Related identifiers
CVE-2023-30367
Affected products
mRemoteNG