Information Disclosure In Memory Dump

HI Team 

The SolidWorks PDM memory dump contained sensitive user information, including usernames and passwords in plain text. The presence of plaintext passwords makes it possible for attackers to compromise user accounts and systems.


Risk:

The disclosure of plaintext passwords increases the likelihood of unauthorized access to data. If exploited, attackers could gain control over SolidWorks PDM account, leading to data manipulation and theft of designs.


Remediation steps: Do not store passwords in memory. noticed (EdmServer.exe) plain text credentials stored Implement encryption for sensitive information such as passwords, both at rest and in memory. 

 

I request to share the steps to take a remediation steps: 

 

Regards

Siva Rama Krishnan.K