December 5, 2020
Bitwarden Password Manager Open to Critical Vulnerability

This Popular Password Manager Could be Susceptible to a Huge Vulnerability

A popular password management system contains an exploit that can be used to deploy remote code execution by sophisticated hackers…

An internet security firm has discovered a new flaw in a popular password management program. If leveraged correctly, it could be used to conduct remote code execution. The researchers warn it could manipulate the software’s automatic updates to install backdoors into every single installation of the password manager. Then, hackers could steal all of the passwords stored in the user’s database.

Bitwarden Password Manager Open to Critical Vulnerability

Co-founder of Keytern.al Jeffrey Paul is the security professional who first identified the flaw in password manager Bitwarden. He states that it’s also possible to convince the password management platform’s developers to add a backdoor via blackmail. But, that’s not all, Paul also warns:

“The fact that, of all things, a password manager would grant FULL REMOTE CODE EXECUTION to its developers is insane. The very fact that you would ship a feature like this means you are in no way qualified to hold keys or authentication credentials that allow you to publish a new version that could, at your sole option, backdoor everyone’s installations and steal all the passwords of every single user of this software.”

Savannah Marie

Savannah Marie loves writing and all things social media. She writes on a variety of topics, from social media to health and wellness to travel and all points in between! She is the lead writer and creator of Mixios and blogs with style and a one of a kind voice.

View all posts by Savannah Marie →