#VU67745 Insufficient verification of data authenticity in Matrix Javascript SDK - CVE-2022-39250
Published: September 29, 2022
Vulnerability identifier: #VU67745
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-39250
CWE-ID: CWE-345
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Matrix Javascript SDK
Matrix Javascript SDK
Software vendor:
Matrix.org
Matrix.org
Description
The vulnerability allows a remote attacker to bypass SAS verification.
The vulnerability exists due to checking and signing user identities and devices in two separate steps, and inadequately fixing the keys to be signed between these steps. A remote attacker cooperating with a malicious home server can interfere with the verification flow between two users, injecting its own cross-signing user identity in place of one of the users’ identities, leading to the other device trusting/verifying the user identity under the control of the home server instead of the intended one.
Remediation
Install updates from vendor's website.