New Update KeePass Update Patches Vulnerability Exposing Master Password

[MuzzMelbourne]

Open source password manager KeePass was updated over the weekend to patch a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump.

Tracked as CVE-2023-32784 and impacting KeePass 2.x versions, the issue is related to the custom-developed textbox used for password entry, which creates a leftover string in memory for each character that the user types.

An attacker can use a KeePass process dump, a hibernation file, a swap file, or even a RAM dump of the entire system to retrieve the strings and reconstruct the typed password. Because the strings are ordered in memory, even multiple typed-in passwords can be retrieved.

Several weeks ago, a security researcher published a proof-of-concept (PoC) tool that can exploit the vulnerability to retrieve passwords from memory dumps.

KeePass Update Patches Vulnerability Exposing Master Password

KeePass 2.54 patches a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump.

www.securityweek.com