CVE-2023-38840

CVE-2023-38840

EPSS 0.6%

Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/bitwarden/clients/pull/5813 https://github.com/bitwarden/desktop/issues/476 https://github.com/markuta/bw-dump https://redmaple.tech/blogs/2023/extract-bitwarden-vault-passwords/