CVE-2023-24055

Published Jan 22, 2023

Last updated 3 months ago

Overview

Description: KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.
Source: cve@mitre.org
NVD status: Modified
CNA Tags: disputed

Hype score: Not currently trending

This has been one of my favorites for a while, but now it's time to let it go. Here's my preferred way of getting the KeePass db that we often hunt for: downgrade the executable to version 2.53, use CVE-2023-24055 and wait for the busy admin to trigger the dump of the database.…
@naksyn
Oct 30, 2024 6:38 PM
13923 Impressions
39 Retweets
150 Likes
129 Bookmarks
0 Replies
4 Quotes

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-312

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:keepass:keepass:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFA47D34-7075-4B84-BB5D-1C6CAD117F72",
            "versionEndIncluding": "2.53"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References