Key Exchange without Entity Authentication

CVE-2022-39254

Medium

6.5/10

Summary

matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a users requests a room key from their devices, the software correctly remember the request. Once they receive a forwarded room key, they accept it without checking who the room key came from. This allows homeservers to try to insert room keys of questionable validity, potentially mounting an impersonation attack. Version 0.20 fixes the issue.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-322 - Key Exchange without Entity Authentication

The software performs a key exchange with an actor without verifying the identity of that actor.

References

Advisory
Release Note

Advisory Timeline

Published Sep 29, 2022

Key Exchange without Entity Authentication

CVE-2022-39254

Summary

CWE-322 - Key Exchange without Entity Authentication

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS