The host is installed with KeePass through 2.33 and is prone to an improper input validation vulnerability. A flaw is present in the application which fails to properly handle an issue in the automatic update feature. Successful exploitation allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.