ProtonMail Code Vulnerabilities Leaked Emails

Key Findings

  • The vulnerabilities were found in the ProtonMail web app, which is used by most ProtonMail users.
  • The vulnerabilities could allow attackers to inject malicious code into the web app.
  • The malicious code could then be used to steal emails.
    • ProtonMail has released a fix for the vulnerabilities.

    ProtonMail, a popular Swiss-based email service that markets itself as a secure and private alternative to Gmail and other major email providers, has been found to have multiple code vulnerabilities that could allow attackers to leak emails.

    The vulnerabilities were discovered by cybersecurity researchers at SonarSource, a company that provides code analysis tools. The researchers found that the vulnerabilities could allow attackers to inject malicious code into ProtonMail’s web app, which could then be used to steal emails.

    PoC of the vulnerability

    ProtonMail is a popular email service with over 77 million users, including many journalists, activists, and whistleblowers. The service is known for its strong security features. However, these vulnerabilities could make it easier for attackers to target ProtonMail users, who are often at risk of surveillance and harassment.

    ProtonMail has acknowledged the vulnerabilities and has released a fix. The vulnerabilities are the latest in a series of security issues to affect ProtonMail. In September 2021, the ProtonMail Web Client was found to be exposed to a denial-of-service vulnerability.

    Proton AG, the company that runs ProtonMail, has a detailed vulnerability disclosure page that showcases the issues and fixes for all of the company’s products. This page is a valuable resource for security researchers and ProtonMail users, as it allows them to stay up-to-date on the latest security vulnerabilities and fixes.

    ProtonMail has said that it is committed to security and that it is constantly working to improve the security of its service.

    Summary of the exploit flow

    A plethora of technical details are available on SonarSource’s blog post here.

    If you are a ProtonMail user, you should update your app to the latest version. You should also be careful about what emails you open and what links you click on. If you think that your account may have been compromised, you should change your password immediately.

    Related Posts