Critical Vulnerabilities in Cloud-Based Password Managers Threaten Millions of Users

Critical Vulnerabilities in Leading Cloud-Based Password Managers Expose Millions to Potential Data Breaches

In a recent study, researchers at ETH Zurich identified 25 significant vulnerabilities across three major cloud-based password managers: Bitwarden, LastPass, and Dashlane. These flaws could allow a malicious server to circumvent the zero-knowledge encryption protocols, enabling unauthorized access to, modification of, and retrieval of users’ stored passwords and vault data.

Scope of the Study

Bitwarden, LastPass, and Dashlane collectively serve over 60 million users worldwide and hold a substantial share of the password management market. The research examined the client-server interactions of these platforms under a threat model in which the server is fully compromised and deviates from the expected protocol. Despite the vendors’ claims of zero-knowledge encryption, under which servers cannot access plaintext vaults even if compromised, the study found multiple failures to maintain vault confidentiality and integrity.

Categorization of Vulnerabilities

The identified vulnerabilities are categorized into four main areas:

1. Key Escrow Mechanisms: Account recovery and Single Sign-On (SSO) login mechanisms rely on keys that the client does not authenticate, enabling full vault compromise.

2. Item-Level Vault Encryption Flaws: Issues in per-item encryption lead to integrity violations, metadata leaks, field swapping, and Key Derivation Function (KDF) downgrades.

3. Sharing Feature Exploits: Unauthenticated public keys can compromise organizations and shared vaults, allowing unauthorized access.

4. Backwards Compatibility Issues: Support for legacy code paths can force a downgrade to insecure modes, such as unauthenticated Cipher Block Chaining (CBC) encryption, undermining security.

Detailed Analysis of Vulnerabilities

Bitwarden:

– BW01: Unauthenticated organization public keys allow key substitution, leading to full vault compromise upon joining any group.

– BW04-BW07: Flaws in per-item encryption expose unprotected metadata, enable field swapping, allow icon decryption, and let the server remove KDF iterations, making brute-force attacks feasible.

– BW08-BW09: Unauthenticated public keys can inject or overwrite organizations, compromising shared vaults.

– BW10-BW12: Support for legacy code can disable protections and overwrite keys, leading to security downgrades.

LastPass:

– LP01: Password reset flaws allow key substitution, resulting in full vault compromise.

– LP02-LP06: Lack of authenticated encryption and key separation enables field and item swapping, loss of confidentiality, and loss of brute-force protection.

– LP07: Unauthenticated public keys can overwrite sharing keys upon joining, compromising shared vaults.

Dashlane:

– DL01: Shared keys across transactions enable transaction replay, violating vault integrity.

– DL02: Unauthenticated public keys can overwrite sharing keys upon joining, compromising shared vaults.

– DL03-DL06: Support for legacy code enables injections, KDF removal, and Lucky 64 attacks after syncs.
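The per-item encryption flaws above (field swapping in BW04-BW07 and LP02-LP06, KDF iteration removal in BW04-BW07 and DL03-DL06) are illustrated by the following Go client-side design, added here as an example and not taken from the study or from any vendor's code: each field's ciphertext is bound to its item ID and field name as AEAD associated data, and a server-supplied KDF iteration count below a client-side floor is rejected. The type names, the AAD layout, and the 600,000 floor are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// FieldCipher encrypts one vault field at a time with AES-GCM under an item key.
type FieldCipher struct{ gcm cipher.AEAD }
func NewFieldCipher(key []byte) (*FieldCipher, error) {
	block, err := aes.NewCipher(key) // 16, 24 or 32-byte key
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &FieldCipher{gcm: gcm}, nil
}

// fieldAAD binds a ciphertext to its item and field via the AEAD tag, so a server that
// swaps an item's "username" and "password" blobs, or moves a blob between items, is caught.
func fieldAAD(itemID, field string) []byte { return []byte(itemID + "\x00" + field) }
// Encrypt returns nonce || ciphertext || tag for one field.
func (c *FieldCipher) Encrypt(itemID, field string, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, c.gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.gcm.Seal(nonce, nonce, plaintext, fieldAAD(itemID, field)), nil
}
// Decrypt fails on any blob whose tag was not computed for this item and field.
func (c *FieldCipher) Decrypt(itemID, field string, blob []byte) ([]byte, error) {
	n := c.gcm.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob too short: %d bytes", len(blob))
	}
	return c.gcm.Open(nil, blob[:n], blob[n:], fieldAAD(itemID, field))
}
// MinKDFIterations is an assumed client floor (not a vendor value): a lower server-supplied count is rejected, not applied.
const MinKDFIterations = 600000
func AcceptKDFIterations(serverValue int) error {
	if serverValue < MinKDFIterations {
		return fmt.Errorf("server sent %d KDF iterations, below floor %d", serverValue, MinKDFIterations)
	}
	return nil
}
```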

Implications and Recommendations

The discovery of these vulnerabilities underscores the need for robust security measures in password management solutions. Users are advised to keep their password managers updated to the latest versions, as vendors are expected to release patches addressing these issues. Users should also remain vigilant and consider additional safeguards, such as two-factor authentication, to strengthen their overall security posture.