[原文]SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
SafeNet SoftRemote VPN Client IreIKE.exe Cleartext Password Local Disclosure
Local Access Required
Loss of Confidentiality
SafeNet SoftRemote VPN Client contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the IreIKE.exe process decrypting VPN (pre-shared keys) passwords upon startup and storing them as plaintext in memory. This allows for disclosure of the local users' VPN password information resulting in a loss of confidentiality.
Upgrade to version 10.3.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.