PT-2023-26623 · Bitwarden · Bitwarden Desktop
Naz Markuta
·
Published
2023-08-15
·
Updated
2023-08-31
·
CVE-2023-38840
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Bitwarden Desktop versions 2023.7.0 and below
Description
The issue allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. A local attacker can exploit this to gain access to sensitive data.
Recommendations
For Bitwarden Desktop versions 2023.7.0 and below, at the moment, there is no information about a newer version that contains a fix for this issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Bitwarden Desktop