The sending of encrypted messages with various messengers is at risk due to two critical vulnerabilities.
Several bugs have wormed their way into the Matrix Chat Protocol software development kit (SDK), leaving chat clients built with it vulnerable. Among other things, the end-to-end encryption should be protected by two critical“ classified vulnerabilities may be at risk. Security updates are available. There have been no attacks so far.
Many clients already secured
A warning message states that the messengers Beeper, Cinny, Circuli, Element, SchildiChat and Synod.im created with the vulnerable SDK (matrix-js-sdk, matrix-andorid-sdk2) are threatened.
The Matrix developers emphasize that the critical vulnerabilities are implementation errors and not bugs in the Matrix protocol. The bugs should only occur in the first generation of the SDK. Clients such as FluffyChat, Hydrogen and Gomuks are not affected by the vulnerabilities. A security update is already available for Thunderbird. The mail client supports the Matrix protocol as an option since version 102.
Attacks not easily possible
In order to be able to attack the gaps, however, attackers must already be server admins. If this is the case, they could start with the authentication of devices and authenticate themselves instead of the device (CVE-2022-39250). They could also spoof senders of encrypted messages or steal message keys (CVE-2022-39251).
Security researchers from the University of London and the University of Sheffield provide further information on the security gaps and possible attacks in a report.