Sandboxie Password Handling Vulnerability in Sandbox Creation and Modification

A critical vulnerability in password handling has been identified in Sandboxie versions 1.16.1 and prior. During the creation of encrypted sandboxes, user passwords are transmitted via shared memory, creating a risk of interception. This issue is exacerbated during password modification, where both old and new passwords are sent as plaintext command-line arguments to the Imbox process, without any encryption or obfuscation. This flaw allows any process within the user session, including those with no special privileges, to access these sensitive passwords by reading the command-line arguments, bypassing standard privilege requirements.

Impact

The vulnerability leads to unauthorized access to plaintext passwords used for encrypted sandboxes, allowing interception by any unprivileged process in the user session.

Reproduction

The vulnerability can be reproduced by changing the password of an encrypted sandbox in Sandboxie versions through 1.16.1. During this process, both the old and new passwords are exposed as plaintext in the command-line arguments of the Imbox process, which can be read by any unprivileged process in the user session.

Remediation

Users can update to Sandboxie version 1.16.2, where this vulnerability has been fixed.