
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are currently no known workarounds. • https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe https://github.com/wireapp/wire-avs/security/advisories/GHSA-2j6v-xpf3-xvrv • CWE-134: Use of Externally-Controlled Format String

CVSS: 4.4 • EPSS: 0% • CPEs: 348 • EXPL: 0

Wire webapp is a web client for the Wire messaging protocol. In versions prior to 2022-01-27-production.0, expired ephemeral messages were not reliably removed from the local chat history of Wire Webapp. In versions before 2022-01-27-production.0, ephemeral messages and assets might still be accessible through the local search functionality. Any attempt to view one of these messages in the chat view will then trigger the deletion. This issue only affects locally stored messages. • https://github.com/wireapp/wire-webapp/commit/42c9a1edddbdd5d4d8f9a196a98f6fc19bb21741 https://github.com/wireapp/wire-webapp/security/advisories/GHSA-2w3m-ppfg-hg62 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Wire-server is the backing server for the open source Wire secure messaging application. In affected versions it is possible to trigger an email address change for a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as a means of authentication by the client for less critical requests to the backend, the ability to change the email address with a short-lived token constitutes a privilege escalation attack. Since the attacker can change the password after setting the email address to one that they control, changing the email address can result in an account takeover by the attacker. Short-lived tokens can be requested from the backend by Wire clients using the long-lived tokens, after which the long-lived tokens can be stored securely, for example on the device's key chain. • https://github.com/wireapp/wire-server/security/advisories/GHSA-9rm2-w6pq-333m • CWE-285: Improper Authorization • CWE-613: Insufficient Session Expiration

CVSS: 4.6 • EPSS: 0% • CPEs: 1 • EXPL: 0

Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to enable encryption at rest by generating encryption keys via the Secure Enclave; however, it will fail silently if no device passcode is set. The user has no indication that encryption at rest is not active, since the feature is hidden from them. This issue has been resolved in version 3.70. • https://github.com/wireapp/wire-ios/commit/5ba3eb180efc3fc795d095f9c84ae7f109b84746 https://github.com/wireapp/wire-ios/security/advisories/GHSA-h4m7-pr8h-j7rf • CWE-668: Exposure of Resource to Wrong Sphere

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Wire is an open source secure messenger. In affected versions, if an attacker gets an old but valid access token, they can take over an account by changing the email. This issue has been resolved in version 3.86, which uses a new endpoint that additionally requires an authentication cookie. See the wire-ios-sync-engine and wire-ios-transport references. This is the root advisory that pulls the changes together. • https://github.com/wireapp/wire-ios-sync-engine/security/advisories/GHSA-w727-5f74-49xj https://github.com/wireapp/wire-ios-transport/security/advisories/GHSA-p354-6r3m-g4xr https://github.com/wireapp/wire-ios/commit/b0e7bb3b13dd8212032cb46e32edf701694687c7 https://github.com/wireapp/wire-ios/security/advisories/GHSA-6f4c-phfj-m255 https://github.com/wireapp/wire-server/security/advisories/GHSA-9rm2-w6pq-333m • CWE-285: Improper Authorization • CWE-863: Incorrect Authorization