Insecure Storage of Biometric Keys in Bitwarden Windows Desktop Application
CVE-2023-27706 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.
Learn more about our Cis Benchmark Audit For Desktop Software.