Overview
Dashlane has fixed an issue that, if Dashlane’s servers were fully compromised, could have allowed the injection of items into a vault, resulting in the downgrade of the encryption model used to generate encryption keys and protect user vaults.
A fix was released on November 5, 2025, in Dashlane Browser Extension version 6.2544.1. Dashlane has found no evidence of exploitation of this issue.
The issue was reported to Dashlane by external security researchers as part of a broader examination of the security properties of password managers that have made their source code public.
Affected Products
Dashlane web extension version 6.2543 and older.
The fix is in Extension version 6.2544.1, released on November 5, 2025.
Dashlane’s mobile applications are not impacted.
Recommended actions
If you're using an affected version of the Dashlane Extension, update to the latest version.
Description
Each Dashlane user’s cryptographic settings are stored as an item in their vault. These cryptographic settings determine how encryption keys are derived from a Master Password (if a Master Password is used), and what type of encryption is used to protect vault items.
Assuming a starting point where Dashlane’s servers are already fully compromised, security researchers identified an issue that could allow attackers to downgrade these cryptographic settings.
To carry out a downgrade, an attacker would use an issue that allows attacker-forged items to be injected into the vault in order to insert a malicious cryptographic settings item. Under attacker-optimal conditions, the minimum time needed to inject one malicious cryptographic settings item is approximately 126 days (about 4.2 months).
Depending on which cryptographic settings were downgraded, there could be two areas of effect:
- Downgrade KDF Iterations or Type: A KDF (Key Derivation Function) turns human-readable passwords into the encryption keys that are used to protect the items in a user’s vault. A downgraded KDF means less resistance to a brute-force attack targeting the Master Password. This risk does not apply to Master Password-less or single sign-on (SSO) accounts, as their encryption keys are generated with high entropy and are not derived from a user-chosen password.
- Downgrade to CBC-Only: Vault items are protected with encryption. “CBC-only” is a cipher mode that, used without an accompanying integrity check, is vulnerable to Padding Oracle attacks. Padding Oracle attacks enable attackers to decrypt ciphertext without knowing the encryption key. In this context, it means attackers could decrypt “downgraded” vault items.
These issues stem from the allowed use of legacy CBC-only cryptography, which Dashlane supported in certain cases for backwards compatibility and migration flexibility.
Dashlane has removed support for CBC-only cryptography, making these downgrade attacks no longer possible.
Impact
The item injection issue could allow attackers to insert attacker-forged items into a vault. With enough time (a minimum of ~126 days) in attacker-optimal conditions, a cryptographic settings item with downgraded parameters could be created.
The downgrade of a user’s cryptographic settings could result in two scenarios:
- Downgraded KDF: Weakened resistance to brute-force attacks means that in situations where a Master Password is weak or easily guessed, this could lead to the compromise of the Master Password, and subsequently, the user’s vault. Users with strong Master Passwords would not be vulnerable.
- Downgrade to CBC-Only: Weakening the encryption of vault items could allow an attacker to compromise vault items individually by decrypting them one by one. Only vault items created, modified, or deleted after the downgrade would be vulnerable.
Acknowledgements
Dashlane would like to thank Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenny Paterson from ETH Zurich’s Applied Cryptography group for reporting this issue and for their assistance throughout.