CVE-2023-36266

MEDIUM

Keeper Password Manager <17.2 - Info Disclosure

Title source: llm

Description

An issue was discovered in Keeper Password Manager for Desktop version 16.10.2 (fixed in 17.2), and the KeeperFill Browser Extensions version 16.5.4 (fixed in 17.2), allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and may persist after logout. NOTE: the vendor disputes this for two reasons: the information is inherently available during a logged-in session when the attacker can read from arbitrary memory locations, and information only remains available after logout because of memory-management limitations of web browsers (not because the Keeper technology itself is retaining the information).

Exploits (1)

exploitdb WORKING POC
by H4rk3nz0 · localmultiple
https://www.exploit-db.com/exploits/51623

References (4)

Scores

CVSS v3 5.5
EPSS 0.0020
EPSS Percentile 42.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-522
Status published

Affected Products (2)

keepersecurity/keeper
keepersecurity/keeperfill

Timeline

Published Jul 12, 2023
Tracked Since Feb 18, 2026