#VU20375 Cryptographic issues in OpenPGP.js


Published: 2019-08-23 | Updated: 2019-08-23

Vulnerability identifier: #VU20375

Vulnerability risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-9155

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenPGP.js
Universal components / Libraries / Libraries used by multiple products

Vendor: ProtonMail

Description

The vulnerability allows a remote attacker to extract the victim’s private key.

The vulnerability exists because the implementation of the Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm does not verify that the communication partner’s public key is valid. A remote attacker can change an elliptic curve and calculate the victim’s resulting private key.
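One way to perform the public key validation described above, as an added example that is not OpenPGP.js code or the vendor's patch. It assumes NIST P-256 and an uncompressed SEC1 point encoding; the function and constant names are hypothetical, and the sample points are constructed.

```javascript
// Added example: NIST P-256 domain parameters (curve choice is an assumption).
const P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffffn;
const A = P - 3n;
const B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604bn;

// Reduce into the range [0, P).
const mod = (v) => ((v % P) + P) % P;

// Validate a peer's uncompressed SEC1 point (hex: 04 || X || Y) before any
// scalar multiplication with the local private key.
function validatePeerPoint(hex) {
  if (typeof hex !== 'string' || !/^[0-9a-fA-F]*$/.test(hex)) {
    return { ok: false, reason: 'not hex' };
  }
  if (hex.length !== 130 || !hex.startsWith('04')) {
    return { ok: false, reason: 'not an uncompressed 65-byte point' };
  }
  const x = BigInt('0x' + hex.slice(2, 66));
  const y = BigInt('0x' + hex.slice(66));
  if (x >= P || y >= P) {
    return { ok: false, reason: 'coordinate out of field range' };
  }
  // The point must satisfy y^2 = x^3 + ax + b (mod p) on the agreed curve.
  const lhs = mod(y * y);
  const rhs = mod(x * x * x + A * x + B);
  if (lhs !== rhs) {
    return { ok: false, reason: 'point is not on the curve' };
  }
  // P-256 has cofactor 1, so an on-curve affine point has full order n.
  return { ok: true, reason: 'valid' };
}

// Constructed samples: the P-256 base point, and the same point with Y altered.
const GX = '6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296';
const GY = '4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5';
const GOOD_POINT = '04' + GX + GY;
const OFF_CURVE_POINT = '04' + GX + GY.slice(0, -1) + '6';

console.log(validatePeerPoint(GOOD_POINT));
console.log(validatePeerPoint(OFF_CURVE_POINT));
```

A key that fails this check should be rejected before the shared secret is computed.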

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

OpenPGP.js: 0.1.0 - 4.2.0


External links
http://github.com/openpgpjs/openpgpjs/pull/853
http://github.com/openpgpjs/openpgpjs/pull/853/commits/7ba4f8c655e7fd7706e8d7334e44b40fdf56c43e
http://github.com/openpgpjs/openpgpjs/releases/tag/v4.3.0
http://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/
http://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

