Cleartext Storage of Sensitive Information in Executable

Draft Variant
Structure: Simple
Description

This vulnerability occurs when an application embeds sensitive information, like passwords or keys, directly within its executable code without encryption.

Extended Description

Attackers can extract this embedded data by reverse-engineering the compiled binary. Common techniques range from simple string extraction (for example, running the strings utility over the file) to more advanced decompilation tools, either of which can readily reveal cleartext secrets. This leaves the embedded information as exposed as if it were written in a public configuration file. Even if the data is encoded or obfuscated, determined attackers can often identify the encoding scheme and decode it. Relying on encoding instead of strong encryption or secure external storage creates a false sense of security, because the secret remains fundamentally recoverable from the distributed application file.
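As an added illustration (not part of the CWE entry itself), the following Python audit mimics the strings-style analysis described above over a constructed stand-in for a compiled binary. It flags secret-shaped strings both when they are stored in cleartext and when they are merely base64-encoded, which is the encoding-versus-encryption point made above; the sample bytes, secret patterns and function names are all constructed for this example.

```python
import base64
import binascii
import re

# Secret-shaped patterns a strings-style audit would flag (illustrative, not exhaustive).
SECRET_PATTERNS = [
    re.compile(r"(?i)(password|passwd|pwd|secret|api[_-]?key|token)\s*[=:]\s*\S+"),
    re.compile(r"-----BEGIN (RSA |EC |)PRIVATE KEY-----"),
]
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{8,}")          # what `strings` would print
BASE64_LIKE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")  # candidate for "encoded, not encrypted"


def extract_strings(blob: bytes):
    """Return printable ASCII runs of at least 8 bytes, like the strings utility."""
    return [m.group().decode("ascii") for m in PRINTABLE_RUN.finditer(blob)]


def try_base64(s: str):
    """Decode a base64-looking string to text, or return None if it is not valid base64/UTF-8."""
    if not BASE64_LIKE.match(s):
        return None
    try:
        return base64.b64decode(s, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None


def find_cleartext_secrets(blob: bytes):
    """Audit a binary image for embedded secrets, stored plainly or only base64-encoded.
    Returns a list of (kind, string_as_found, recovered_text)."""
    findings = []
    for s in extract_strings(blob):
        if any(p.search(s) for p in SECRET_PATTERNS):
            findings.append(("cleartext", s, s))
            continue
        decoded = try_base64(s)
        if decoded and any(p.search(decoded) for p in SECRET_PATTERNS):
            findings.append(("base64-encoded", s, decoded))
    return findings


# Constructed stand-in for a compiled binary: opaque bytes around two embedded secrets.
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01\x00" + bytes([0x00, 0x48, 0x89, 0xe5]) * 16
    + b"db_password=hunter2\x00"                                      # cleartext secret
    + b"\x00\x90\x90\xcc"
    + base64.b64encode(b"api_key=sk_live_EXAMPLE_0000") + b"\x00"     # encoded, not encrypted
    + b"Usage: tool [options]\x00"                                    # benign string
)

if __name__ == "__main__":
    for kind, raw, recovered in find_cleartext_secrets(SAMPLE_BINARY):
        print(f"{kind}: {raw!r} -> {recovered!r}")
```

Running the block on a real build artifact would mean passing the file's bytes to find_cleartext_secrets; the base64 step is what catches the "encoded but still cleartext" case.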

Common Consequences
Scope: Confidentiality

Impact: Read Application Data

Observed Examples
CVE-2005-1794: Product stores RSA private key in a DLL and uses it to sign a certificate, allowing spoofing of servers and Adversary-in-the-Middle (AITM) attacks.
CVE-2001-1527: Administration passwords in cleartext in executable.
Applicable Platforms
Languages: Not Language-Specific (Prevalence: Undetermined)
Modes of Introduction
Implementation
Taxonomy Mapping
  • PLOVER
Notes
Terminology: Different people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).