Severity by source
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionGitHub Advisory
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit value. As a result, the stored EditPassword hash only preserves the low nibble of each digest byte, reducing the effective entropy from 160 bits to 80 bits. This is layered on top of an unsalted SHA-1 scheme. The reduced entropy makes leaked or backed-up password hashes materially easier to brute-force.
This issue has been fixed in version 1.17.3.
AnalysisAI
Sandboxie-Plus versions 1.17.2 and earlier contain a cryptographic implementation flaw in SbieIniServer::HashPassword that reduces SHA-1 password hash entropy from 160 bits to 80 bits by incorrectly shifting the high nibble of each byte right by 8 instead of 4, combined with an unsalted hashing scheme. This makes leaked or backed-up EditPassword hashes significantly easier to brute-force, enabling attackers with local access and low privileges to recover plaintext passwords through offline attack. The vulnerability is fixed in version 1.17.3.
Technical ContextAI
Sandboxie-Plus implements password protection for administrative functions via the EditPassword parameter, which is hashed using SHA-1 and stored in configuration. The vulnerability exists in the hexadecimal conversion logic of SbieIniServer::HashPassword, where a bitwise shift operation is miscalculated. Instead of right-shifting by 4 bits to extract the high nibble from each byte of the SHA-1 digest, the code shifts by 8 bits, which always results in zero for an 8-bit value. This causes only the low nibble (4 bits) of each digest byte to be preserved in the stored hash. Combined with the absence of a cryptographic salt, this reduces the theoretical entropy from 160 bits (full SHA-1) to 80 bits (half-nibbles only), making the hash vulnerable to precomputation and dictionary attacks. The root cause is a CWE-328 (Use of Insufficiently Random Values) vulnerability layered with a cryptographic hash function implementation defect.
RemediationAI
Upgrade Sandboxie-Plus to version 1.17.3 or later, which corrects the HashPassword bitwise shift operation and implements proper SHA-1 hexadecimal conversion. Users on version 1.17.2 or earlier should prioritize this patch as it directly addresses the cryptographic flaw. For systems where immediate upgrading is not feasible, administrators should audit all stored password hashes in Sandboxie configuration files (typically located in %ProgramData%\Sandboxie-Plus or user-specific registry hives) and regenerate passwords post-upgrade to discard any compromised hashes. Additionally, if backups of Sandboxie configuration have been created while running vulnerable versions, those backups should be removed or secured to prevent offline hash recovery attacks. The patch introduces no known side effects and is a routine security update.
Same weakness CWE-328 – Use of Weak Hash
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-27466