Main Vulnerability Database Vulnerabilities #VU67745

#VU67745 Insufficient verification of data authenticity in Matrix Javascript SDK - CVE-2022-39250

Published: September 29, 2022

Vulnerability identifier: #VU67745

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-39250

CWE-ID: CWE-345

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Matrix Javascript SDK

Software vendor:
Matrix.org

Description

The vulnerability allows a remote attacker to bypass SAS verification.

The vulnerability exists due to checking and signing user identities and devices in two separate steps, and inadequately fixing the keys to be signed between these steps. A remote attacker cooperating with a malicious home server can interfere with the verification flow between two users, injecting its own cross-signing user identity in place of one of the users’ identities, leading to the other device trusting/verifying the user identity under the control of the home server instead of the intended one.

Remediation

Install updates from vendor's website.

External links

https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-5w8r-8pgj-5jmf