CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39257 – Matrix iOS SDK vulnerable to impersonation via forwarded Megolm sessions
https://notcve.org/view.php?id=CVE-2022-39257
Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. Prior to version 0.23.19, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the matrix-ios-sdk implementing a too permissive key forwarding strategy. The default policy for accepting key forwards has been made more strict in the matrix-ios-sdk version 0.23.19. matrix-ios-sdk will now only accept forwarded keys in response to previously issued requests and only from own, verified devices. • https://github.com/matrix-org/matrix-ios-sdk/commit/5ca86c328a5faaab429c240551cb9ca8f0f6262c https://github.com/matrix-org/matrix-ios-sdk/releases/tag/v0.23.19 https://github.com/matrix-org/matrix-ios-sdk/security/advisories/GHSA-qxr3-5jmq-xcf4 https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients • CWE-287: Improper Authentication CWE-322: Key Exchange without Entity Authentication •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39255 – Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion
https://notcve.org/view.php?id=CVE-2022-39255
Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. Prior to version 0.23.19, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ this vulnerability to perform a targeted attack in order to send fake to-device messages appearing to originate from another user. This can allow, for example, to inject the key backup secret during a self-verification, to make a targeted device start using a malicious key backup spoofed by the homeserver. These attacks are possible due to a protocol confusion vulnerability that accepts to-device messages encrypted with Megolm instead of Olm. matrix-ios-sdk version 0.23.19 has been modified to only accept Olm-encrypted to-device messages. • https://github.com/matrix-org/matrix-ios-sdk/commit/5ca86c328a5faaab429c240551cb9ca8f0f6262c https://github.com/matrix-org/matrix-ios-sdk/releases/tag/v0.23.19 https://github.com/matrix-org/matrix-ios-sdk/security/advisories/GHSA-hw6g-j8v6-9hcm https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients • CWE-287: Improper Authentication CWE-322: Key Exchange without Entity Authentication •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39248 – matrix-android-sdk2 vulnerable to Olm/Megolm protocol confusion
https://notcve.org/view.php?id=CVE-2022-39248
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ this vulnerability to perform a targeted attack in order to send fake to-device messages appearing to originate from another user. This can allow, for example, to inject the key backup secret during a self-verification, to make a targeted device start using a malicious key backup spoofed by the homeserver. matrix-android-sdk2 would then additionally sign such a key backup with its device key, spilling trust over to other devices trusting the matrix-android-sdk2 device. These attacks are possible due to a protocol confusion vulnerability that accepts to-device messages encrypted with Megolm instead of Olm. matrix-android-sdk2 version 1.5.1 has been modified to only accept Olm-encrypted to-device messages and to stop signing backups on a successful decryption. • https://github.com/matrix-org/matrix-android-sdk2/commit/77df720a238d17308deab83ecaa37f7a4740a17e https://github.com/matrix-org/matrix-android-sdk2/releases/tag/v1.5.1 https://github.com/matrix-org/matrix-android-sdk2/security/advisories/GHSA-fpgf-pjjv-2qgm https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients • CWE-287: Improper Authentication CWE-322: Key Exchange without Entity Authentication •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39246 – matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions
https://notcve.org/view.php?id=CVE-2022-39246
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the key forwarding strategy implemented in the matrix-android-sdk2 that is too permissive. Starting with version 1.5.1, the default policy for accepting key forwards has been made more strict in the matrix-android-sdk2. • https://github.com/matrix-org/matrix-android-sdk2/commit/77df720a238d17308deab83ecaa37f7a4740a17e https://github.com/matrix-org/matrix-android-sdk2/releases/tag/v1.5.1 https://github.com/matrix-org/matrix-android-sdk2/security/advisories/GHSA-2pvj-p485-cp3m https://github.com/matrix-org/matrix-spec-proposals/pull/3061 • CWE-287: Improper Authentication CWE-322: Key Exchange without Entity Authentication •