Description
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords.
Published: 2026-03-16
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via Local Admin Password Exposure
Action: Apply Workaround
AI Analysis

Impact

Browsers cache the pages in which Truesec's LAPSWebUI, prior to version 2.4, displays local administrator passwords. An attacker who gains access to a workstation can read those cached copies, obtain the credentials, and escalate to local administrator on that machine. The weakness is classified as CWE-525 (information exposure through caching).

Affected Systems

Truesec LAPSWebUI versions earlier than 2.4 are affected. Any deployment whose web interface is served with default caching behaviour, so that the browser keeps copies of pages containing passwords, is susceptible.

Risk and Exploitability

The CVSS score of 6.0 reflects moderate severity, and the EPSS score below 1% indicates a low current exploitation probability. The vulnerability is not listed in CISA's KEV catalog. Exploitation requires only that an attacker have some level of access to a workstation whose browser has cached LAPS passwords; no remote code execution or elevated network privileges are needed. Setting the HTTP response header Cache-Control: no-store prevents browsers from storing the credentials and so closes this attack vector.

Generated by OpenCVE AI on April 7, 2026 at 09:58 UTC.

Remediation

Vendor Workaround

Make sure the web server hosting LAPSWebUI sets the following HTTP response header:

Cache-Control: no-store

OpenCVE Recommended Actions

  • Configure the LAPSWebUI web server to include the header Cache-Control: no-store in all HTTP responses.
  • Confirm the header is present by inspecting response headers or using browser developer tools.
  • Upgrade Truesec LAPSWebUI to version 2.4 or later, where the issue is fixed.
  • Monitor for any unauthorized use of local administrative credentials on workstations.
  • Limit physical or remote workstation access to trusted personnel.
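The second action, confirming that the header is really sent, can be scripted. The following is an added example, not OpenCVE's or Truesec's code: it parses Cache-Control directives from a response, flags the common case where only no-cache or max-age=0 is present (those still allow the browser to store the page; only no-store prevents it), and can be pointed at a live URL, which is assumed here to be the LAPSWebUI password page. The sample header lists are constructed.

```python
import urllib.request


def cache_control_directives(headers):
    """Return the lower-cased directive names found in Cache-Control headers.

    `headers` is a list of (name, value) pairs, as returned by
    HTTPMessage.items(). Several Cache-Control headers and comma-separated
    directive lists are merged; arguments such as max-age=0 are dropped.
    Quoted field lists (no-cache="Set-Cookie") are not specially handled,
    which does not affect detection of no-store.
    """
    directives = set()
    for name, value in headers:
        if name.lower() != "cache-control":
            continue
        for token in value.split(","):
            token = token.strip().lower()
            if token:
                directives.add(token.split("=", 1)[0].strip())
    return directives


def caching_mitigated(headers):
    """True only when no-store is present.

    no-cache merely forces revalidation before reuse and private only
    excludes shared caches; both still let the browser write the page
    to its on-disk cache, which is what CVE-2025-15554 relies on.
    """
    return "no-store" in cache_control_directives(headers)


def check_url(url):
    """Fetch `url` (assumed: the LAPSWebUI password page) and return the verdict."""
    with urllib.request.urlopen(url) as resp:
        return caching_mitigated(resp.getheaders())


# Constructed sample responses for offline demonstration.
UNSAFE_DEFAULT = [("Content-Type", "text/html"), ("Cache-Control", "private, max-age=0")]
NO_CACHE_ONLY = [("Cache-Control", "no-cache")]
MITIGATED = [("cache-control", "No-Store, no-cache"), ("Pragma", "no-cache")]
MISSING = [("Content-Type", "text/html")]

if __name__ == "__main__":
    for label, hdrs in [("default", UNSAFE_DEFAULT), ("no-cache only", NO_CACHE_ONLY),
                        ("mitigated", MITIGATED), ("no header", MISSING)]:
        print(f"{label}: {'mitigated' if caching_mitigated(hdrs) else 'NOT mitigated'}")
```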


Advisories

No advisories yet.

History

Tue, 07 Apr 2026 07:15:00 +0000

Type: CPEs
  Values Removed: (none)
  Values Added:   cpe:2.3:a:truesec:lapswebui:*:*:*:*:*:*:*:*

Type: Metrics
  Values Removed: (none)
  Values Added:   cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Mon, 30 Mar 2026 07:15:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added:   Truesec; Truesec lapswebui

Type: Vendors & Products
  Values Removed: (none)
  Values Added:   Truesec; Truesec lapswebui

Mon, 16 Mar 2026 13:15:00 +0000

Type: Metrics
  Values Removed: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
  Values Added:   ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Mar 2026 12:15:00 +0000

Type: Metrics
  Values Removed: (none)
  Values Added:   ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Mar 2026 11:00:00 +0000

Type: Description
  Values Removed: (none)
  Values Added:   Browser caching of LAPS passwords in Truesec's LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords.

Type: Title
  Values Removed: (none)
  Values Added:   Admin Passwords Cached by Browsers in Truesec LAPSWebUI

Type: Weaknesses
  Values Removed: (none)
  Values Added:   CWE-525

Type: References
  Values Removed: (none)
  Values Added:   (none)

Type: Metrics
  Values Removed: (none)
  Values Added:   cvssV4_0 {'score': 6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: NCSC-FI

Published:

Updated: 2026-03-16T12:35:35.519Z

Reserved: 2026-02-02T05:56:44.566Z

Link: CVE-2025-15554

Vulnrichment

Updated: 2026-03-16T11:17:26.566Z

NVD

Status : Analyzed

Published: 2026-03-16T14:17:56.427

Modified: 2026-04-07T00:50:55.053

Link: CVE-2025-15554

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T20:01:34Z

Weaknesses