Local User Can Dump Kaspersky Password Manager Chrome Extension Credentials
CVE-2023-23349 Published on March 22, 2024
Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick the user into visiting the login form of a website for which credentials are saved, and the KPM extension must autofill those credentials. The attacker must then run a malicious component locally to capture the browser's memory and extract those specific credentials from it.
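The practical check a tester wants after applying the fixed build is whether an auto-filled secret can still be found in a dump of the browser process. The following scanner, an added example that is not Kaspersky's or stack.watch's code, searches a raw memory dump for a known test credential in the two encodings a Windows/Chromium process normally keeps strings in (UTF-8 and UTF-16LE) and reports each hit with its offset and surrounding bytes. The dump file path and the test credential are assumed inputs; `build_sample_dump` fabricates a small stand-in dump purely so the script runs offline, and a real dump would come from Task Manager's "Create dump file" or Sysinternals ProcDump against the Chrome process that hosts the extension.

```python
"""Scan a raw process memory dump for a known credential.

Added example for verifying a cleartext-in-memory exposure; not code from
Kaspersky or from the advisory. Input dump path and test credential are
assumed to be supplied by the tester.
"""
from __future__ import annotations

import mmap
import sys

# Chromium/V8 and Win32 hold most strings as UTF-16LE; JSON payloads and
# C++ std::string copies are usually UTF-8. Check both.
ENCODINGS = ("utf-8", "utf-16-le")


def credential_patterns(secret: str) -> dict[str, bytes]:
    """Byte patterns to search for, keyed by encoding name."""
    return {enc: secret.encode(enc) for enc in ENCODINGS}


def find_all(haystack, needle: bytes) -> list[int]:
    """Every offset of needle in haystack (bytes or mmap), overlaps included."""
    hits: list[int] = []
    start = 0
    while True:
        idx = haystack.find(needle, start)
        if idx < 0:
            return hits
        hits.append(idx)
        start = idx + 1


def scan_dump(dump, secret: str, context: int = 16) -> list[dict]:
    """Locate secret in dump; each hit records encoding, offset and nearby bytes.

    dump may be bytes or a read-only mmap so multi-GB dumps are not loaded
    into memory at once.
    """
    findings: list[dict] = []
    for enc, pattern in credential_patterns(secret).items():
        for off in find_all(dump, pattern):
            lo = max(0, off - context)
            hi = min(len(dump), off + len(pattern) + context)
            findings.append({"encoding": enc, "offset": off, "context": bytes(dump[lo:hi])})
    return sorted(findings, key=lambda f: f["offset"])


def build_sample_dump(secret: str, leaked: bool = True) -> bytes:
    """Constructed stand-in for a process dump (not real data).

    Filler bytes with the secret embedded once as UTF-8 and once as UTF-16LE.
    With leaked=False both copies are replaced by zeros, modelling a buffer
    that was wiped after autofill completed.
    """
    filler = bytes(range(256)) * 4  # 1024 bytes that cannot match a credential
    utf8, utf16 = secret.encode("utf-8"), secret.encode("utf-16-le")
    if not leaked:
        utf8, utf16 = b"\x00" * len(utf8), b"\x00" * len(utf16)
    return filler + utf8 + filler + utf16 + filler


def report(findings: list[dict]) -> list[str]:
    """Human-readable lines, one per hit."""
    return [
        f"{f['encoding']:>9} @ 0x{f['offset']:08x}  {f['context']!r}"
        for f in findings
    ]


def main(argv: list[str]) -> int:
    if len(argv) != 3:
        print(f"usage: {argv[0]} <memory-dump> <test-credential>", file=sys.stderr)
        return 2
    path, secret = argv[1], argv[2]
    with open(path, "rb") as fh, mmap.mmap(fh.fileno(), 0, access=mmap.ACCESS_READ) as mm:
        findings = scan_dump(mm, secret)
    if not findings:
        print("credential not found in dump")
        return 0
    print("\n".join(report(findings)))
    return 1  # non-zero so a test harness can flag the exposure


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Use a throwaway test account and a credential that cannot occur by chance (a long random string) so that a hit means the secret itself is present, not a substring of page HTML; the context bytes in each hit help tell a password-field copy from, say, a JSON message passed between the extension and the page.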
Vulnerability Analysis
CVE-2023-23349 requires local system access, user interaction and low privileges to exploit. The attack complexity is rated high. The impact of a successful exploit is rated low for confidentiality, low for integrity and low for availability.
Timeline
Advisory published by Kaspersky
Weakness Type
Cleartext Storage of Sensitive Information in Memory
The application stores sensitive information in cleartext in memory.
Products Associated with CVE-2023-23349
Affected Versions
Kaspersky Password Manager for Windows: all versions prior to 24.0.0.427 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.