
KeePass vulnerability puts master passwords at risk

Open source password manager KeePass is affected by a security flaw, tracked as CVE-2023-32784, which could be exploited to retrieve the master password from program memory, SecurityWeek reports. "The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered," said a National Institute of Standards and Technology advisory, which also noted that the vulnerability could be leveraged even when the workspace is locked or not running. Meanwhile, a proof-of-concept tool developed by security researcher Vdohney, dubbed "KeePass 2.X Master Password Dumper", could recover the password by searching a memory dump. "Apart from the first password character, it is mostly able to recover the password in plaintext. No code execution on the target system is required, just a memory dump," said Vdohney. KeePass is expected to release an official fix for the vulnerability in July, which includes a Windows API function call.
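The flaw described above stems from secret text lingering in process memory and, through swap or hibernation files, on disk. The following is an added illustration of the defensive pattern that avoids that residue, not KeePass's own code: a single mutable buffer that is written in place per keystroke, pinned in RAM so it cannot be paged out, and wiped before release. The `secret_*` names, the buffer size and the use of POSIX `mlock` are assumptions for this example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Added example (not KeePass code): a fixed-size, mutable secret buffer.
 * Each keystroke is stored in place instead of building a fresh string,
 * so partial copies of the secret do not accumulate on the heap; the
 * pages are locked so they cannot be written to swap (pagefile.sys is
 * the Windows analogue); and the contents are wiped before release. */
#define SECRET_MAX 256

typedef struct {
    char data[SECRET_MAX];
    size_t len;
    int locked;          /* 1 if mlock succeeded, 0 if it was refused */
} secret_buf;

/* Pin the buffer in RAM; mlock can fail under RLIMIT_MEMLOCK, so record it. */
int secret_init(secret_buf *s) {
    memset(s, 0, sizeof *s);
    s->locked = (mlock(s, sizeof *s) == 0);
    return s->locked;
}

/* Append one character in place; refuse overflow rather than truncate. */
int secret_push(secret_buf *s, char c) {
    if (s->len + 1 >= SECRET_MAX) return 0;
    s->data[s->len++] = c;
    s->data[s->len] = '\0';
    return 1;
}

/* Wipe through a volatile pointer so the compiler cannot drop the stores,
 * then unpin. explicit_bzero or SecureZeroMemory would do the same job. */
void secret_wipe(secret_buf *s) {
    volatile unsigned char *p = (volatile unsigned char *)s->data;
    for (size_t i = 0; i < SECRET_MAX; i++) p[i] = 0;
    s->len = 0;
    if (s->locked) munlock(s, sizeof *s);
    s->locked = 0;
}

/* Count non-zero bytes left in the buffer; expected to be 0 after a wipe. */
size_t secret_residue(const secret_buf *s) {
    size_t n = 0;
    for (size_t i = 0; i < SECRET_MAX; i++) if (s->data[i]) n++;
    return n;
}
```

If `mlock` is refused (the unprivileged lock limit is small on many systems), `secret_init` returns 0 so the caller can decide whether an unpinned buffer is acceptable.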
