CVE-2023-38840

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 15, 2023

Updated: Aug 22, 2023

Summary

CVE-2023-38840 is a vulnerability affecting Bitwarden Desktop versions 2023.7.0 and below. This issue permits an attacker with local access to the system to extract sensitive data through the Bitwarden.exe process. By exploiting this flaw, malicious actors can gain unauthorized access to stored passwords and other confidential information. The vulnerability poses a significant risk to organizations and individuals using the Bitwarden Desktop application, making it crucial for users to promptly update to the latest version to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Bitwarden

Affected Vendors

Bitwarden Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sG6bat
https://www.cve.org/CVERecord?id=CVE-2023-38840
https://nvd.nist.gov/vuln/detail/CVE-2023-38840

Back to Vulnerability Database