- Mar 13, 2022
A researcher has published a proof-of-concept (PoC) tool that exploits an unpatched KeePass vulnerability to retrieve the master password from the program’s memory.
An open source password manager primarily designed for Windows, KeePass can also be used on macOS and Linux, through the open source .NET-compatible framework Mono.
Tracked as CVE-2023-32784, the issue impacts KeePass 2.x versions and allows an attacker to retrieve the cleartext master password from a memory dump. The flaw is exploitable even on workspaces that have been locked or are no longer running.
“The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered,” a NIST advisory reads.
PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords
Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory.