Multiple vulnerabilities in OpenPGP.js



Published: 2019-08-23
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2019-9153
CVE-2019-9154
CVE-2019-9155
CWE-ID CWE-287
CWE-310
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
OpenPGP.js
Universal components / Libraries / Libraries used by multiple products

Vendor ProtonMail

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU20371

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-9153

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due the software does not verify the signature type during verification of a message signature. A remote attacker can send a specially crafted message with replaced signatures with a "standalone" or "timestamp" signature and  forge signed messages.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenPGP.js: 0.1.0 - 4.2.0

External links

http://github.com/openpgpjs/openpgpjs/pull/797/commits/327d3e5392a6f59a4270569d200c7f7a2bfc4cbc
http://github.com/openpgpjs/openpgpjs/pull/816
http://github.com/openpgpjs/openpgpjs/releases/tag/v4.2.0
http://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/
http://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailv...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Improper Authentication

EUVDB-ID: #VU20372

Risk: Medium

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-9154

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to the unhashed subpackets are not cryptographically protected. A remote attacker can arbitrarily modify the contents of e.g. a key certification signature or revocation signature. As a result, the attacker can e.g. convince a victim to use an obsolete key for encryption.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenPGP.js: 0.1.0 - 4.2.0

External links

http://github.com/openpgpjs/openpgpjs/pull/797
http://github.com/openpgpjs/openpgpjs/pull/797/commits/47138eed61473e13ee8f05931119d3e10542c5e1
http://github.com/openpgpjs/openpgpjs/releases/tag/v4.2.0
http://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/
http://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Cryptographic issues

EUVDB-ID: #VU20375

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-9155

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to extract the victim’s private key.

The vulnerability exists due to the implementation of the Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm does not verify that the communication partner’s public key is valid. A remote attacker can change an elliptic curve and calculate the victim’s resulting private key.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenPGP.js: 0.1.0 - 4.2.0

External links

http://github.com/openpgpjs/openpgpjs/pull/853
http://github.com/openpgpjs/openpgpjs/pull/853/commits/7ba4f8c655e7fd7706e8d7334e44b40fdf56c43e
http://github.com/openpgpjs/openpgpjs/releases/tag/v4.3.0
http://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/
http://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###