Spoofing attack in KDE Connect
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | N/A |
| CWE-ID | CWE-451 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
KDE Connect Operating systems & Components / Operating system package or component |
| Vendor | KDE.org |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Spoofing attack
EUVDB-ID: #VU48709
Risk: Medium
CVSSv4.0: 5.8 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: N/A
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to the GUI component in KDE Connect presents only the friendly "deviceName" identifier to identify the pair during connection. The device name is sent in clear text in UDP broadcast messages for all nodes in the same network segment. A remote attacker can obtain the device name of a real system in the network and later use it in a spoofing attack.
Install updates from vendor's website.
Vulnerable software versionsKDE Connect: 20.03.80 - 20.11.80
CPE2.3- cpe:2.3:o:kde_org:kdeconnect-kde:20.03.80:*:*:*:*:*:*:*
- cpe:2.3:o:kde_org:kdeconnect-kde:20.03.90:*:*:*:*:*:*:*
- cpe:2.3:o:kde_org:kdeconnect-kde:20.04.0:*:*:*:*:*:*:*
http://seclists.org/oss-sec/2020/q4/169
http://github.com/KDE/kdeconnect-kde/commit/e7518493df7398f27f7dffbfc3f79750bc1fda50
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
