16

heisec@social.heise.de - BSI warnt vor KeePassXC-Schwachstellen

Das BSI warnt vor Schwachstellen im Passwort-Manager KeePassXC. Angreifer können Dateien oder das Master-Passwort ohne Authentifzierungsrückfrage manipulieren.

[The BSI warns of vulnerabilities in the password manager KeePassXC. Attackers can manipulate files or the master password without authentication confirmation.]

you are viewing a single comment's thread
view the rest of the comments
[-] laskobar@feddit.de 5 points 1 year ago

Lock the pc, if you leave and lock the db, if pc is locked, lid is closed and this is absolute a non-issue.

German BSI is sometimes a little bit over motivated ;-)

[-] nightdice@feddit.de 1 points 1 year ago

You don't even need to lock the pc, locking the db is sufficient. The issue allows changing the settings on unlocked databases without needing to re-confirm (at least according to the article).

this post was submitted on 20 Jun 2023
16 points (100.0% liked)

Free and Open Source Software

17550 readers
171 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS