Passwordstate corporation addresses urgent security flaw in Emergency Access feature

Organizations numbering up to 29,000 and an estimated 370,000 security and IT specialists could be impacted.

Cybersecurity firm Positive Technologies has uncovered a high-severity authentication bypass vulnerability in the Passwordstate Enterprise Password Management Platform. This marks the fourth such flaw to hit Passwordstate 9 since its release.

The vulnerability, rated as "high" in severity, allows attackers to bypass the authentication requirement of the Emergency Access portal. This could potentially lead to full administrator-level access to the Passwordstate installation. The vulnerability was first discovered in 2022, followed by CVE-2022-3876 and CVE-2022-3875. Another flaw, CVE-2024-39337, was discovered in 2024.

To mitigate this risk, Passwordstate 9 users are advised to install Build 9972 or later, which delivers the patch along with the related clickjacking fix.

Passwordstate is widely used, with over 29,000 organizations worldwide relying on it. Among them is Tasmania's Department of Health, which has been using the product since 2016. The software is used by approximately 370,000 "security and IT professionals" across various sectors including government, banking and finance, insurance, healthcare, legal, utilities, mining, and defense.

In response to the vulnerability, Passwordstate advises administrators to restrict access to the Emergency Access portal by IP address to avoid misuse in the event of such issues. The vulnerability also triggers email alerts to all registered security administrators on the system, providing an additional layer of protection.

This latest vulnerability discovery underscores the importance of regular software updates and robust security measures. Users are encouraged to stay vigilant and follow best practices to protect their systems and data.
