CVE-2023-27706

Bitwarden vulnerability with biometric key storage

NIST Link

https://nvd.nist.gov/vuln/detail/CVE-2023-27706

Description

Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.

Impact to Keeper

Keeper is not impacted by this issue. To ensure that we were not impacted by a similar vulnerability, Keeper contracted a 3rd party penetration tester in July 2023 to validate our protection against this type of attack. The report PDF is posted below:

819KB

Keeper protection against CVE-2023-27706.pdf

pdf

If you have any questions, please email us at security@keepersecurity.com.

PreviousCVE-2023-44487 NextCVE-2023-5217

Last updated 3 months ago