KeePass 2.44 - Denial of Service (PoC)

The primary impact of CVE-2020-37178 is a denial-of-service condition. Successful exploitation allows an attacker to crash the KeePass Password Safe application, preventing legitimate users from accessing their stored passwords. While this vulnerability doesn't directly lead to data exfiltration or unauthorized access, it can disrupt operations and potentially be used as a distraction tactic in a larger attack. The ease of exploitation – simply dragging a file – makes it a relatively low-effort attack vector.

Users of KeePass Password Safe who have not upgraded to version 2.44 are at risk. This includes users who rely on KeePass for secure password storage and those who frequently interact with the application's help system, potentially increasing their exposure to malicious HTML files.

• windows / supply-chain:

Get-Process | Where-Object {$_.ProcessName -eq "KeePass.exe"}

• windows / supply-chain:

Get-ItemProperty -Path 'HKLM:\SOFTWARE\KeePass' -Name 'Version'

• windows / supply-chain: Check Autoruns for unusual entries related to KeePass or its components.

1. 2026-02-11Disclosure

   disclosure

1. आरक्षित2026-02-10
2. प्रकाशित2026-02-11
3. संशोधित2026-03-05
4. EPSS अद्यतन2026-03-23

The primary mitigation for CVE-2020-37178 is to upgrade KeePass Password Safe to version 2.44 or later. This version contains a fix that addresses the vulnerability in the help system's HTML handling. If immediate upgrading is not possible, consider restricting user access to the help system or implementing input validation to prevent the loading of potentially malicious HTML files. There are no specific WAF or proxy rules that can directly mitigate this vulnerability, as it occurs within the application itself.