A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed and that a PoC exploitation tool – aptly named KeePass 2.X Master Password Dumper – is publicly available, but the good news is that the password can’t be extracted remotely just by exploiting this flaw. “If your … More
The post KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: