Executive Summary

Summary
Title OpenPGP and S/MIME mail client vulnerabilities
Informations
NameVU#122919First vendor Publication2018-05-14
VendorVU-CERTLast vendor Modification2018-05-15
Severity (Vendor) N/ARevisionM

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#122919

OpenPGP and S/MIME mail client vulnerabilities

Original Release date: 14 May 2018 | Last revised: 15 May 2018

Overview

Mail clients may leak plaintext messages while decrypting OpenPGP and S/MIME messages.

Description

Email clients supporting the OpenPGP or S/MIME standards may be vulnerable to a CBC/CFB gadget attack which may allow an attacker to inject content into an encrypted email which would establish an exfiltration channel when decrypted by the victim's email client. For example, injecting an HTML image tag which, when rendered by the email client, sends the plaintext as part of an HTTP request.

CVE-2017-17688: OpenPGP CFB Attacks
CVE-2017-17689: S/MIME CBC Attacks

Additionally some email clients, which do not isolate multiple MIME parts, allow attackers to wrap an encrypted message into plaintext MIME parts, which when decrypted and rendered by the email client results in an HTML based back-channel, eliminating the need to perform the gadget attacks.

Additional details can be found in the paper describing the attacks.

Impact

A remote attack could recover plaintext from encrypted emails without access to the encryption keys.

Solution

The CERT/CC is currently unaware of a practical solution to this problem. However, there are some mitigations that may be taken:

Decrypt mail outside of mail client
Using a separate application outside of your mail client to decrypt incoming emails prevents exfiltration channels from being opened by the email client.

Disable HTML rendering
Preventing your email client from rendering HTML will prevent the predominant form of establishing exfiltration channels.

Disable Remote Content Loading
Preventing your email client from loading remote content without permission can also help against the predominate form of establishing exfiltration channels.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
9Folders, Inc.Affected-14 May 2018
AirmailAffected-14 May 2018
AppleAffected-14 May 2018
eM ClientAffected-14 May 2018
EvolutionAffected-14 May 2018
Flipdog Solutions, LLCAffected-14 May 2018
GnuPGAffected-15 May 2018
GoogleAffected-14 May 2018
GPGToolsAffected-14 May 2018
IBM CorporationAffected-14 May 2018
KMailAffected-14 May 2018
MailMateAffected-14 May 2018
MicrosoftAffected-14 May 2018
MozillaAffected-14 May 2018
Postbox, Inc.Affected-14 May 2018
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

GroupScoreVector
Base0.0AV:--/AC:--/Au:--/C:--/I:--/A:--
Temporal0.0E:ND/RL:ND/RC:ND
Environmental0.0CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

  • https://efail.de/
  • https://efail.de/efail-attack-paper.pdf
  • https://tools.ietf.org/html/rfc4880

Credit

Credit is attributed to Damian Poddebniak, Christian Dresen, Jens Muller, Fabian Ising, Sebastian Schinzel1, Simon Friedberger, Juraj Somorovsky, and Jorg Schwenk

This document was written by Trent Novelly.

Other Information

  • CVE IDs:CVE-2017-17688 CVE-2017-17689
  • Date Public:14 May 2018
  • Date First Published:14 May 2018
  • Date Last Updated:15 May 2018
  • Document Revision:21

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/122919

CWE : Common Weakness Enumeration

%idName
100 %CWE-310Cryptographic Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application2
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application4
Application1
Application1
Application1
Application1
Application1

Nessus® Vulnerability Scanner

DateDescription
2018-05-29Name : The remote Fedora host is missing a security update.
File : fedora_2018-25525a9346.nasl - Type : ACT_GATHER_INFO
2018-05-29Name : The remote Fedora host is missing a security update.
File : fedora_2018-6020628437.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2018-08-02 21:18:45
  • Multiple Updates
2018-05-15 17:18:14
  • Multiple Updates
2018-05-15 00:18:28
  • First insertion