Cleartext Storage in the Registry
Draft Variant
Structure: Simple
Description
This vulnerability occurs when an application saves sensitive data, like passwords or keys, as plain text in the Windows Registry.
Storing unprotected information in the registry creates a major security hole. Since the registry is a standard system component, any attacker or malicious program with sufficient access can directly read these keys and steal the exposed credentials or data. Even if the data is encoded (like with Base64 or simple obfuscation), it does not provide real security. Attackers can easily recognize common encoding patterns and use automated tools to decode it, turning what looks like gibberish back into usable, sensitive information.
Common Consequences 1
Scope: Confidentiality
Impact: Read Application Data
Observed Examples 1
CVE-2005-2227Cleartext passwords in registry key.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Modes of Introduction
Architecture and Design
Related Attack Patterns
Related Weaknesses
Taxonomy Mapping
- PLOVER
- Software Fault Patterns
Notes
TerminologyDifferent people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).