Skip to main content

Software Development Kit CVE-2022-39248

HIGH
Improper Authentication (CWE-287)
2022-09-28 security-advisories@github.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 28, 2022 - 20:15 nvd
HIGH 7.5

DescriptionNVD

matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ this vulnerability to perform a targeted attack in order to send fake to-device messages appearing to originate from another user. This can allow, for example, to inject the key backup secret during a self-verification, to make a targeted device start using a malicious key backup spoofed by the homeserver. matrix-android-sdk2 would then additionally sign such a key backup with its device key, spilling trust over to other devices trusting the matrix-android-sdk2 device. These attacks are possible due to a protocol confusion vulnerability that accepts to-device messages encrypted with Megolm instead of Olm. matrix-android-sdk2 version 1.5.1 has been modified to only accept Olm-encrypted to-device messages and to stop signing backups on a successful decryption. Out of caution, several other checks have been audited or added. This attack requires coordination between a malicious home server and an attacker, so those who trust their home servers do not need a workaround.

AnalysisAI

matrix-android-sdk2 is the Matrix SDK for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker cooperating with a malicious homeserver could employ this vulnerability to perform a targeted attack in order to send fake to-device messages appearing to originate from another user. This can allow, for example, to inject the key backup secret during a self-verification, to make a targeted device start using a malicious key backup spoofed by the homeserver. matrix-android-sdk2 would then additionally sign such a key backup with its device key, spilling trust over to other devices trusting the matrix-android-sdk2 device. These attacks are possible due to a protocol confusion vulnerability that accepts to-device messages encrypted with Megolm instead of Olm. matrix-android-sdk2 version 1.5.1 has been modified to only accept Olm-encrypted to-device messages and to stop signing backups on a successful decryption. Out of caution, several other checks have been audited or added. This attack requires coordination between a malicious home server and an attacker, so those who trust their home servers do not need a workaround. Affected products include: Matrix Software Development Kit. Version information: version 1.5.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

CVE-2024-24292 CRITICAL POC
9.8 Mar 28

A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function

CVE-2024-20017 CRITICAL POC
9.8 Mar 04

In wlan service, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS

CVE-2025-20654 CRITICAL
9.8 Apr 07

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. Rated critical severity (CVSS

CVE-2025-20646 CRITICAL
9.8 Mar 03

In wlan AP FW, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9

CVE-2025-20674 CRITICAL
9.8 Jun 02

Remote privilege escalation in Android WLAN AP driver via packet injection.

CVE-2025-20684 CRITICAL
9.8 Jul 08

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local es

CVE-2025-20683 CRITICAL
9.8 Jul 08

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local es

CVE-2025-20682 CRITICAL
9.8 Jul 08

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local es

CVE-2025-20681 CRITICAL
9.8 Jul 08

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local es

CVE-2024-20103 CRITICAL
9.8 Oct 07

In wlan firmware, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVS

CVE-2024-20101 CRITICAL
9.8 Oct 07

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS

CVE-2024-20100 CRITICAL
9.8 Oct 07

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS

Share

CVE-2022-39248 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy