CVE-2020-27688

HIGH

RVTools 4.0.6 - Insufficiently Protected Credentials via Static Encryption Key

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-27688. PoCs published by matthiasmaes.

AI-analyzed exploit summary: This repository contains a functional proof-of-concept decryptor for CVE-2020-27688, which exploits static IV and KEY values in RVTools' proprietary encryption to decrypt passwords stored in configuration files.

Description

RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords for use in configuration files. This encryption uses a static IV and key, so the Decrypt() method in VISKD.cs from the RVTools.exe executable can be used to decrypt the encrypted passwords. The accounts used in the configuration files have access to vSphere instances.

Exploits (1)

nomisec · WORKING POC · 1 star
by matthiasmaes · poc
https://github.com/matthiasmaes/CVE-2020-27688

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: RVTools <= 4.0.6
No auth needed
Prerequisites: access to RVTools encrypted password (prefixed with '_RVToolsPWD')
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Third Party Advisory (x_refsource_misc): https://github.com/matthiasmaes/CVE-2020-27688
Product, Vendor Advisory (x_refsource_misc): https://www.robware.net/rvtools/

Scores

CVSS v3: 7.5
EPSS: 0.0629
EPSS Percentile: 91.1%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-522
Status: published
Products (1): robware/rvtools 4.0.6
Published: Nov 05, 2020
Tracked Since: Feb 18, 2026