Vulnerability Details: CVE-2022-32969
MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue.
Products affected by CVE-2022-32969
- cpe:2.3:a:metamask:metamask:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-32969
- EPSS score: 0.11% (probability of exploitation activity in the next 30 days)
- Percentile: ~45% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2022-32969
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N | 8.6 | 2.9 | NIST | |
5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 | NIST | |
CWE ids for CVE-2022-32969
- The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended. Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-32969
- https://github.com/MetaMask/metamask-extension/compare/v10.11.2...v10.11.3
  Comparing v10.11.2...v10.11.3 · MetaMask/metamask-extension · GitHub (Patch; Third Party Advisory)
- https://halborn.com/disclosures/demonic-vulnerability/
  Halborn MetaMask “Demonic” Vulnerability Discovery (Third Party Advisory)
- https://halborn.com/halborn-discovers-critical-vulnerability-affecting-crypto-wallet-browser-extensions/
  Halborn Discovers Critical Vulnerability Affecting Crypto Wallet Browser Extensions (Third Party Advisory)