iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system’s Personal Key in world-readable %PROGRAMDATA% log files.

By admin