CVE-2023-32784

Published: May 15, 2023

Modified: Jan 23, 2025

PUBLISHED

Description

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/vdohney/keepass-password-dumper

https://sourceforge.net/p/keepass/discussion/329220/thread/f3438e6283/

https://github.com/keepassxreboot/keepassxc/discussions/9433

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-32784

Description

Affected Products

References