Cleartext Storage of Sensitive Information in Executable
Draft Variant
Structure: Simple
Description
The product stores sensitive information in cleartext in an executable.
Attackers can reverse engineer binary code to obtain secret data. This is especially easy when the cleartext is plain ASCII. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
Common Consequences 1
Scope: Confidentiality
Impact: Read Application Data
Observed Examples 2
CVE-2005-1794Product stores RSA private key in a DLL and uses it to sign a certificate, allowing spoofing of servers and Adversary-in-the-Middle (AITM) attacks.
CVE-2001-1527administration passwords in cleartext in executable
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Modes of Introduction
Implementation
Related Attack Patterns
Related Weaknesses
Taxonomy Mapping
- PLOVER
Notes
TerminologyDifferent people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).