KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) | allinfosecnews.com

May 17, 2023, 1:11 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed and that a PoC exploitation tool – aptly named KeePass 2.X Master Password Dumper – is publicly available, but the good news is that the password can’t be extracted remotely just by exploiting this flaw. “If your … More →

The post …

bad cve don't miss exploitation exploited flaw keepass manager master master password memory open source password password manager passwords poc public researcher software tool vulnerability

More from www.helpnetsecurity.com / Help Net Security

Why cloud vulnerabilities need CVEs 5 hours ago | www.helpnetsecurity.com

cloud cloud environments cloud vulnerabilities common vulnerabilities and exposures +26

Making cybersecurity more appealing to women, closing the skills gap 5 hours ago | www.helpnetsecurity.com

cco challenges current cybersecurity +26

Cybersecurity jobs available right now: May 1, 2024 6 hours ago | www.helpnetsecurity.com

adversary adversary simulation application applications +23

Building a strong cloud security posture 6 hours ago | www.helpnetsecurity.com

building cloud cloud security cloud security posture +20

Essential steps for zero-trust strategy implementation 7 hours ago | www.helpnetsecurity.com

budget cybersecurity cybersecurity budget fourth quarter +12

Infosec products of the month: April 2024 8 hours ago | www.helpnetsecurity.com

akamai april bitdefender cyber +37

Adaptive Shield unveils SaaS security for AI 20 hours ago | www.helpnetsecurity.com

adaptive shield and response applications apps +28

Onyxia launches AI-powered predictive insights to optimize security management 20 hours ago | www.helpnetsecurity.com

address ai-powered can challenges +24

Island raises $175 million at $3 billion valuation 20 hours ago | www.helpnetsecurity.com

capital coatue financing funding +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Professional Services Resident Consultant / Senior Professional Services Resident Consultant - AMS

@ Zscaler | Bengaluru, India

View on infosec-jobs.com

Head of Security, Risk & Compliance

@ Gedeon Richter Pharma GmbH | Budapest, HU

View on infosec-jobs.com

Unarmed Professional Security Officer - County Hospital

@ Allied Universal | Los Angeles, CA, United States

View on infosec-jobs.com

Senior Software Engineer, Privacy Engineering

@ Block | Seattle, WA, United States

View on infosec-jobs.com

Senior Cyber Security Specialist

@ Avaloq | Bioggio, Switzerland

View on infosec-jobs.com