Cryptomator for IOS offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 2.8.3, an integrity check vulnerability allows an attacker tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint.
Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 2.8.3.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
Low
Partial data modification
Availability
None
No disruption
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 2
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Cryptomator Cryptomator
cpe:2.3:a:cryptomator:cryptomator:*:*:*:*:*:*:*:*
|
— |
<= 2.8.2
|
|
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
|
— | — |
References 4
https://github.com/cryptomator/ios/commit/98c31280304af65c0932eb547d5fe4be2d169…
security-advisories@github.com
https://github.com/cryptomator/ios/pull/444
security-advisories@github.com
https://github.com/cryptomator/ios/releases/tag/2.8.3
security-advisories@github.com
https://github.com/cryptomator/ios/security/advisories/GHSA-g7fr-c82r-hm6j
security-advisories@github.com