#VU20375 Cryptographic issues in OpenPGP.js - CVE-2019-9155

Cybersecurity Help s.r.o.

Published: 2019-08-23 | Updated: 2019-08-23

Vulnerability identifier: #VU20375

Vulnerability risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2019-9155

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenPGP.js
Universal components / Libraries / Libraries used by multiple products

Vendor: ProtonMail

Description

The vulnerability allows a remote attacker to extract the victim’s private key.

The vulnerability exists due to the implementation of the Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm does not verify that the communication partner’s public key is valid. A remote attacker can change an elliptic curve and calculate the victim’s resulting private key.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenPGP.js: 0.1.0 - 4.2.0

External links
https://github.com/openpgpjs/openpgpjs/pull/853
https://github.com/openpgpjs/openpgpjs/pull/853/commits/7ba4f8c655e7fd7706e8d7334e44b40fdf56c43e
https://github.com/openpgpjs/openpgpjs/releases/tag/v4.3.0
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in OpenPGP.js