Main Vulnerability Database SB2023051908

SB2023051908 - Unauthorized master password recovery in KeePass

Published: May 19, 2023 Updated: November 22, 2024

Security Bulletin ID SB2023051908

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Storing passwords in a recoverable format (CVE-ID: CVE-2023-32784)

The vulnerability allows a local user to recover the master password.

The vulnerability exists due to the way KeePass stores data in memory. A local user or a malicious application can extract master password from a process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system.

Remediation

Install update from vendor's website.

References

https://sourceforge.net/p/keepass/discussion/329220/thread/f3438e6283/
https://github.com/vdohney/keepass-password-dumper
https://keepass.info/news/n230603_2.54.html