CVE-2023-38840

MEDIUM

Bitwarden Desktop <2023.7.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-38840. PoCs published by markuta.

AI-analyzed exploit summary This repository contains a functional Go-based tool that extracts the master password from a locked Bitwarden vault by scanning process memory for specific byte patterns. It targets Bitwarden Desktop versions 2023.7.0 and below on Windows systems, requiring no administrative privileges.

Description

Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.

Exploits (1)

nomisec WORKING POC 42 stars
by markuta · poc
https://github.com/markuta/bw-dump

This repository contains a functional Go-based tool that extracts the master password from a locked Bitwarden vault by scanning process memory for specific byte patterns. It targets Bitwarden Desktop versions 2023.7.0 and below on Windows systems, requiring no administrative privileges.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Bitwarden Desktop (2023.7.0 and below)
No auth needed
Prerequisites: Bitwarden Desktop must be running · Vault must have been unlocked at least once in the current session
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 5.5
EPSS 0.0056
EPSS Percentile 42.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (1)
bitwarden/bitwarden < 2023.7.0
Published Aug 15, 2023
Tracked Since Feb 18, 2026