CVE-2026-4387— Unencrypted storage of authentication state in StrongDM Desktop Application state.kv file
Possible ATT&CK Techniques 1AI
T1552.004 · Private KeysAffected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| StrongDM | StrongDM Desktop Application | < 23.74.0 | affected |
| StrongDM | StrongDM Desktop Client | < 53.77.0 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-4387
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unencrypted storage of authentication state in StrongDM Desktop Application state.kv file
Source: NVD (National Vulnerability Database)
Vulnerability Description
StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\<username>\.sdm\state.kv. The file is protected only by default user-level NTFS permissions. Exploitation requires local read access to the affected user's profile directory and additional deployment and execution conditions on the target host. The condition was reported through coordinated disclosure by Hope Walker (SpecterOps).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感数据的明文存储
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| StrongDM | StrongDM Desktop Application | 0 ~ 23.74.0 | - | |
| StrongDM | StrongDM Desktop Client | 0 ~ 53.77.0 | - |
II. Public POCs for CVE-2026-4387
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-4387
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-312
- CVE-2026-45040
RustFS: Sensitive Information Leakage (SessionToken and Secr - CVE-2026-9274
Information Exposure Vulnerability in CP-Plus Wi-Fi Camera - CVE-2026-8596
Cleartext storage of HMAC signing key in Amazon SageMaker Py - CVE-2026-6332
Clear Text Storage of Sensitive Information on EcoStruxure™ - CVE-2026-42408
BIG-IP DNS tmsh vulnerability
V. Comments for CVE-2026-4387
No comments yet