CVE-2023-38840

Published August 15th, 2023

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

2

PROJECTS

Description

Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.

bitwarden/desktop

The desktop vault (Windows, macOS, & Linux).

GitHub

3.54K

markuta/bw-dump

A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.

GitHub

42