Pricefield | Lemmy
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
@[email protected] to Bitwarden - The unofficial Bitwarden [email protected]English • 2 years ago

Bitwarden Windows Client vulnerability prior to 2023.4.0: CVE-2023-27706

message-square
0
fedilink
5
message-square

Bitwarden Windows Client vulnerability prior to 2023.4.0: CVE-2023-27706

@[email protected] to Bitwarden - The unofficial Bitwarden [email protected]English • 2 years ago
message-square
0
fedilink

https://nvd.nist.gov/vuln/detail/CVE-2023-27706

Bitwarden Desktop v1.20.0 and above stores the biometric key in plaintext which allows a local attacker to decrypt the entire local vault if you are using Windows Hello and are not on the latest version. The Bitwarden Windows client before version 2023.4.0 is affected.

Details here: https://hackerone.com/reports/1874155

(shamelessly stolen from reddit)

alert-triangle
You must log in or register to comment.

Bitwarden - The unofficial Bitwarden [email protected]

[email protected]
Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Please do note that this an unofficial community.

Bitwarden - Open source password manager

Bitwarden is an open source password management platform for individuals, teams, and business organizations.

  • https://reddit.com/r/bitwarden
  • https://bitwarden.com
  • https://bitwarden.com/help/
  • https://community.bitwarden.com
  • https://vault.bitwarden.com
  • https://github.com/bitwarden
  • 2 users / day
  • 2 users / week
  • 2 users / month
  • 2 users / 6 months
  • 1 subscriber
  • 23 Posts
  • 35 Comments
  • Modlog
  • mods:
  • @[email protected]
  • UI: 0.18.4
  • BE: 0.18.2
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org