CVE-2022-39255

Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. Prior to version 0.23.19, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ this vulnerability to perform a targeted attack in order to send fake to-device messages appearing to originate from another user. This can allow, for example, to inject the key backup secret during a self-verification, to make a targeted device start using a malicious key backup spoofed by the homeserver. These attacks are possible due to a protocol confusion vulnerability that accepts to-device messages encrypted with Megolm instead of Olm. matrix-ios-sdk version 0.23.19 has been modified to only accept Olm-encrypted to-device messages. Out of caution, several other checks have been audited or added. This attack requires coordination between a malicious home server and an attacker, so those who trust their home servers do not need a workaround. To avoid malicious backup attacks, one should not verify one's new logins using emoji/QR verifications methods until patched.

Matrix iOS SDK permite a desarrolladores crear aplicaciones para iOS compatibles con Matrix. En versiones anteriores a 0.23.19, un atacante que coopere con un servidor doméstico malicioso puede construir mensajes que parezcan legítimamente proceder de otra persona, sin ninguna indicación como un escudo gris. Además, un atacante sofisticado que coopere con un servidor doméstico malicioso podría emplear esta vulnerabilidad para llevar a cabo un ataque dirigido con el fin de enviar mensajes falsos al dispositivo que parezcan proceder de otro usuario. Esto puede permitir, por ejemplo, inyectar el secreto de la copia de seguridad de la clave durante una autoverificación, para hacer que un dispositivo objetivo comience a usar una copia de seguridad de la clave maliciosa falsificada por el servidor doméstico. Estos ataques son posibles debido a una vulnerabilidad de confusión de protocolo que acepta mensajes to-device cifrados con Megolm en lugar de Olm. matrix-ios-sdk versión 0.23.19, ha sido modificada para aceptar únicamente mensajes to-device cifrados con Olm. Por precaución, han sido auditadas o añadidas otras comprobaciones. Este ataque requiere la coordinación entre un servidor doméstico malicioso y un atacante, por lo que aquellos que confían en sus servidores domésticos no necesitan una mitigación. Para evitar ataques maliciosos de copia de seguridad, no deben verificarse los nuevos inicios de sesión usando métodos de verificación emoji/QR hasta que sea aplicado el parche

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-09-02 CVE Reserved
2022-09-28 CVE Published
2024-04-20 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication
CWE-322: Key Exchange without Entity Authentication

CAPEC

References (4)

URL	Tag	Source
https://github.com/matrix-org/matrix-ios-sdk/releases/tag/v0.23.19	Release Notes
https://github.com/matrix-org/matrix-ios-sdk/security/advisories/GHSA-hw6g-j8v6-9hcm	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/matrix-org/matrix-ios-sdk/commit/5ca86c328a5faaab429c240551cb9ca8f0f6262c	2022-09-30

URL	Date	SRC
https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients	2022-09-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Matrix Search vendor "Matrix"		Software Development Kit Search vendor "Matrix" for product "Software Development Kit"				< 0.23.19 Search vendor "Matrix" for product "Software Development Kit" and version " < 0.23.19"		iphone_os		Affected