![]() the KeePass development team is arguing that this shouldn’t be classified as a vulnerability: … ”These attacks can only be prevented by keeping the environment secure. … Since CVE-2023-24055 was assigned, a proof-of-concept exploit has already been shared online, likely making it easier for malware developers to upgrade information stealers with the ability to dump and steal the contents of KeePass databases. This export process launches in the background without the user being notified or KeePass requesting the master password to be entered as confirmation before exporting, allowing the threat actor to quietly gain access to all of the stored passwords. … The new vulnerability … enables threat actors with write access to a target’s system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. ![]() ![]() KeePass is a very popular open-source password manager that allows you to manage your passwords using a locally stored database, rather than a cloud-hosted one, such as LastPass or Bitwarden. Victim will open KeePass as normal the trigger will executed in background, exfiltrating the credentials cleartext.Īll this so soon after the LastPass and LifeLock scares? Sergiu Gatlan felt a great disturbance in The Force-“ KeePass disputes vulnerability”: What’s the craic? Alex Hernandez reports a vulnerability-“ CVE-2023-24055”:Īn attacker who has write access to the KeePass configuration file … can modify it and inject malicious triggers-e.g., to obtain the cleartext passwords by adding an export trigger. ![]() Your humble blogwatcher curated these bloggy bits for your entertainment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |