Recently patched vulnerabilities in SecurEnvoy’s encrypted email transfer product SecurMail created a way for encrypted emails in users’ inboxes to be read, overwritten and deleted by other people.
The flaws – uncovered by Austrian security firm SEC Consult during a crash test – included cross-site scripting, cross-site request forgery, and missing authentication flaws. In order to send encrypted emails, a user did not need to authenticate on the SecurEnvoy server, according to SEC Consult. This opened the door for attackers to either extract all emails stored on the server or to modify messages.
Separate insecure direct object reference (IDOR) and path traversal vulnerabilities both created a means for a “legitimate recipient to read mails sent to other users in plain text”.
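The two access-control defects named above, IDOR and path traversal, share a root cause: the server resolves a client-supplied message reference without checking that it belongs to the authenticated recipient or that it stays inside that recipient's mailbox. The following is an added illustration, not SecurMail's code and not taken from SEC Consult's advisory; the on-disk layout (`<base>/<recipient>/<msg_id>.eml`), the message-id grammar and the sample messages are all constructed assumptions. It places a naive lookup beside a hardened one so the difference in checks is visible.

```python
"""Recipient-scoped mailbox lookup: naive vs. hardened (hypothetical example)."""
import re
import tempfile
from pathlib import Path

# Assumed message-id grammar: letters, digits and hyphens only. Anything else
# (slashes, dots, empty strings) is rejected before it reaches the filesystem.
MSG_ID = re.compile(r"[A-Za-z0-9-]{1,64}")


class AccessDenied(Exception):
    """Raised for any request that fails validation, ownership or containment."""


def build_sample_store() -> Path:
    """Create a constructed mail store: <base>/<recipient>/<msg_id>.eml.

    A file outside every mailbox stands in for server-side data that a
    traversal would expose. All contents are made-up sample values.
    """
    base = Path(tempfile.mkdtemp(prefix="mailstore-"))
    for recipient, msg_id, body in [
        ("alice", "m-100", "Subject: Q1 numbers\n\nfor alice only"),
        ("bob", "m-200", "Subject: hello\n\nfor bob only"),
    ]:
        folder = base / recipient
        folder.mkdir()
        (folder / f"{msg_id}.eml").write_text(body)
    (base / "secret.txt").write_text("server-side secret")
    return base


def read_mail_naive(base: Path, user: str, requested: str) -> str:
    """Vulnerable pattern: joins the client-supplied name straight onto the
    mailbox directory. Nothing stops '../other-user/...' (traversal) or a
    reference to a message the caller does not own (IDOR)."""
    return (base / user / requested).read_text()


def read_mail(base: Path, user: str, msg_id: str) -> str:
    """Hardened pattern. `user` must come from the authenticated session,
    never from the request, so the lookup is scoped to the caller's own
    folder; the id is validated and the resolved path is checked for
    containment before any file is opened."""
    if not MSG_ID.fullmatch(msg_id):
        raise AccessDenied("malformed message id")
    user_dir = (base / user).resolve()
    target = (user_dir / f"{msg_id}.eml").resolve()
    # Containment: after resolving symlinks and '..', the target must still
    # sit inside this recipient's folder.
    if user_dir not in target.parents:
        raise AccessDenied("path escapes mailbox")
    # Ownership follows from containment here: a message exists for this
    # recipient only if the file is present in their own folder.
    if not target.is_file():
        raise AccessDenied("no such message for this recipient")
    return target.read_text()


if __name__ == "__main__":
    store = build_sample_store()
    print(read_mail(store, "alice", "m-100"))
    for bad in ("../bob/m-200.eml", "../secret.txt", "m-200"):
        try:
            read_mail(store, "alice", bad)
        except AccessDenied as exc:
            print(f"{bad!r}: denied ({exc})")
```

The regex rejects traversal syntax outright, and the `resolve()`-then-`parents` check catches anything the grammar might miss, including symlinks planted inside a mailbox. Deriving `user` from the session rather than the request is what closes the IDOR: a recipient can only ever name messages in their own folder, so guessing another user's message id yields "no such message" rather than their mail.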
“As we have identified several critical vulnerabilities within a very short time frame we expect many other vulnerabilities to be present,” SEC Consult’s Johannes Greil told The Register. “As other SecurEnvoy products (other than the analysed SecurMail) seem to be highly integrated (all products are installed with a single setup file) we suspect other components to also suffer from severe security deficits.”
In response to queries from El Reg, SecurEnvoy confirmed that it had patched SecurMail, adding that “this issue does not affect any other SecurEnvoy products”.
SEC Consult initially notified SecurEnvoy about issues in SecurMail version 9.1.501 in late November. SecurEnvoy released a patch at the start of the month, clearing the way for SEC Consult to go public with an advisory.
SecurMail users are urged to upgrade as soon as possible by either applying the security patch 1_012018 or updating to version 9.2.501 of the software. ®