CVE-2022-39202

IRC mode parameter confusion in matrix-appservice-irc

Severity Score

6.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat (IRC) protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such modes incorrectly, potentially resulting in the wrong user being given permissions. Mode commands can only be executed by privileged users, so this can only be abused if an operator is tricked into running the command on behalf of an attacker. The vulnerability has been patched in matrix-appservice-irc 0.35.0. As a workaround users should refrain from entering mode commands suggested by untrusted users. Avoid using multiple modes in a single command.

matrix-appservice-irc es un puente IRC de código abierto Node.js para Matrix. El protocolo Internet Relay Chat (IRC) permite especificar múltiples modos en un solo comando de modo. Debido a un error en la biblioteca matrix-org/node-irc subyacente, las versiones afectadas de matrix-appservice-irc llevan a cabo el análisis de dichos modos de forma incorrecta, resultando potencialmente en que sean dados permisos al usuario equivocado. Los comandos de modo sólo pueden ser ejecutados por usuarios privilegiados, por lo que esto sólo puede ser abusado si un operador es engañado para ejecutar el comando en nombre de un atacante. La vulnerabilidad ha sido parcheada en matrix-appservice-irc versión 0.35.0. Como mitigación, los usuarios deben abstenerse de introducir comandos de modo sugeridos por usuarios no confiables. Evite usar varios modos en un solo comando

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-09-02 CVE Reserved
2022-09-13 CVE Published
2024-04-05 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-269: Improper Privilege Management

CAPEC

References (3)

URL	Tag	Source
https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-cq7q-5c67-w39w	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/matrix-org/matrix-appservice-irc/commit/5f87dbed87b4b6dc49b7965ff152ee8535719e67	2022-09-16

URL	Date	SRC
https://matrix.org/blog/2022/09/13/security-release-of-matrix-appservice-irc-0-35-0-high-severity	2022-09-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Matrix Search vendor "Matrix"		Matrix Irc Bridge Search vendor "Matrix" for product "Matrix Irc Bridge"				< 0.35.0 Search vendor "Matrix" for product "Matrix Irc Bridge" and version " < 0.35.0"		node.js		Affected