Local File Exposure in StrongDM Desktop Application for Windows
CVE-2026-4387

2 LOW

What is CVE-2026-4387?

The StrongDM Desktop Application for Microsoft Windows prior to version 23.74.0 and the StrongDM Desktop Client prior to version 53.77.0 store authentication tokens and asymmetric key material in cleartext in a user-specific state file at C:\Users\<username>\.sdm\state.kv. The file is protected only by standard NTFS permissions, so any local read access to it exposes that material. Successful exploitation requires local read access to the user's profile directory and specific conditions on the target system, and puts the stored credentials of users who rely on the application at risk.
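As an added defensive check (not code from the advisory or from StrongDM), the PowerShell below reports whether the state file named above exists for the current user and whether its NTFS ACL grants read access to any principal other than the file owner, SYSTEM and Administrators. The file path is taken from the advisory; the trusted-principal list is an assumption.

```powershell
# Added example, not from the advisory or StrongDM: audit the per-user state
# file that CVE-2026-4387 describes, on the host where this script runs.
# Assumes the path given in the advisory (%USERPROFILE%\.sdm\state.kv).
$SdmStatePath = Join-Path $env:USERPROFILE '.sdm\state.kv'

function Test-SdmStateFileExposure {
    param([string]$Path = $SdmStatePath)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false; ExtraReaders = @(); Finding = 'No state file present for this user' }
    }

    $acl      = Get-Acl -LiteralPath $Path
    $me       = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
    # Assumed set of principals that may legitimately read a per-user secret store.
    $expected = @($me, 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')
    $readBit  = [int][System.Security.AccessControl.FileSystemRights]::ReadData

    # Any Allow ACE granting ReadData to a principal outside that set widens who
    # can lift the cleartext tokens and key material from the file.
    $extra = @($acl.Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       (([int]$_.FileSystemRights -band $readBit) -ne 0) -and
                       ($expected -notcontains $_.IdentityReference.Value) } |
        ForEach-Object { $_.IdentityReference.Value } |
        Sort-Object -Unique)

    [pscustomobject]@{
        Path         = $Path
        Exists       = $true
        Owner        = $acl.Owner
        Inherited    = (@($acl.Access | Where-Object { $_.IsInherited }).Count -gt 0)
        ExtraReaders = $extra
        # Tight permissions shrink the exposure but leave the contents in cleartext;
        # the advisory's fixed releases (23.74.0 / 53.77.0) are the remediation.
        Finding      = $(if ($extra.Count -gt 0) { 'Readable by principals beyond owner/SYSTEM/Administrators' }
                         else { 'Restricted to owner/SYSTEM/Administrators; contents remain cleartext until upgraded' })
    }
}

Test-SdmStateFileExposure | Format-List
```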

Affected Version(s)

StrongDM Desktop Application for Windows: all versions before 23.74.0

StrongDM Desktop Client for Windows: all versions before 53.77.0

CVSS V4

Score: 2
Severity: LOW
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability reserved

Credit

Hope Walker, SpecterOps