# CVE-2023-27706

### NIST Link

<https://nvd.nist.gov/vuln/detail/CVE-2023-27706>

### Description

Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.

### Impact to Keeper

Keeper is **not impacted** by this issue. To ensure that we were not impacted by a similar vulnerability, Keeper contracted a 3rd party penetration tester in July 2023 to validate our protection against this type of attack. The report PDF is posted below:

{% file src="<https://1549319098-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LSGErxSfzX6xZALob42%2Fuploads%2FtAIQRx2707GfUdZhS7Vf%2FKeeper%20protection%20against%20CVE-2023-27706.pdf?alt=media&token=c2cda1d1-1925-4466-b1d7-a3317c5c38e9>" %}

If you have any questions, please email us at <security@keepersecurity.com>.