CVE-2023-24055
Description
KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.
Severity: MEDIUM
CVE ID: CVE-2023-24055
CVSS Score: 5.5
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Proof Of Concept
deetl
POC and Scanner for CVE-2023-24055
Refrence: GitHub
alt3kx
CVE-2023-24055 PoC (KeePass 2.5x)
Refrence: GitHub
Cyb3rtus
Contains a simple yara rule to hunt for possible compromised KeePass config files
Refrence: GitHub
duckbillsecurity
CVE-2023-24055 POC written in PowerShell.
Refrence: GitHub
julesbozouklian
Refrence: GitHub
digital-dev
KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055
Refrence: GitHub
zwlsix
KeePass CVE-2023-24055复现
Refrence: GitHub
Content on GitHub
n3rada | watchers:2
Invoke-KeePassBackup
A PowerShell tool for backing up and exporting KeePass databases to a specified endpoint with GZip compression.
Refrence: GitHub