KeePass Vulnerability Allows to Obtain Cleartext Passwords

February 2, 2023

A new vulnerability was found in KeePass Password Manager that allows threat actors with write access to a target's system to modify KeePass's XML configuration file and inject a malicious trigger that exports the database, including all usernames and passwords, in cleartext.

The Vulnerability

  • CVE-2023-24055, (CVSS 3.1: 5.5, Medium) – The vulnerability allows a threat actor with write access to stealthily export the entire database in cleartext.

Affected Products

  • KeePass Password Manager – Up to 2.53 in a default installation.

Mitigation

CYREBRO recommends that KeePass users secure their database by logging in as a system administrator and creating an enforced configuration file, which takes precedence over the user-writable configuration file. See instructions here.
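The following is an added example of such an enforced configuration file; it is not part of this advisory or of KeePass's own distribution. It assumes the file name KeePass.config.enforced.xml and the element names from KeePass's documented configuration schema; it belongs in the KeePass application directory next to KeePass.exe and must be writable only by administrators, since an attacker who can edit it could simply remove the enforcement.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- KeePass.config.enforced.xml (assumed name per KeePass documentation).
     Settings here override the user's KeePass.config.xml and cannot be
     changed from the KeePass GUI or by editing the user-writable file. -->
<Configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Application>
    <TriggerSystem>
      <!-- Disable the trigger system entirely, so a trigger injected into
           the user's configuration file is never evaluated or executed. -->
      <Enabled>false</Enabled>
    </TriggerSystem>
  </Application>
  <Security>
    <Policy>
      <!-- Application policy: deny database export altogether, closing the
           export path a malicious trigger relies on even if triggers are
           re-enabled elsewhere. -->
      <Export>false</Export>
    </Policy>
  </Security>
</Configuration>
```

After deploying it, confirm that the Triggers dialog and the Export menu item are greyed out in KeePass, and that the file's ACL grants write access to administrators only.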

References: NVD