
[Security] memorymgmt_data gets broadcasted to all ws clients

Open rsrdesarrollo opened this issue 5 months ago • 0 comments

Expected behavior

Actual behavior

Step by step guide to reproduce the problem

  1. connect 'attacker' client to daemon websocket: websocat ws://localhost:30035
  2. open moolticute
  3. enter credentials management mode and approve in the device

The 'attacker' client opened in step 1 will receive the memorymgmt_data message, with the information of all the credentials in the device (credentials are encrypted, but still a privacy issue, at least for me).

memorymgmt_data should be only sent to the client that initiated the memory management process.

Moolticute Version

v1.04.0

Operating System

  • MacOS (M1)

Mooltipass Device

  • The Mooltipass Mini BLE

rsrdesarrollo, Aug 30 '24 11:08
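The routing the issue asks for, sketched as an added example that is not part of the original report and not Moolticute's code: the daemon remembers which client started memory management and delivers memorymgmt_data to that client only, dropping it if that client has gone away. The Dispatcher class, the client ids and the device_status message name are assumptions made for illustration.

```cpp
#include <cstddef>
#include <map>
#include <string>
#include <vector>

// Hypothetical model of a daemon's WebSocket fan-out (not Moolticute's code).
typedef int ClientId;

class Dispatcher {
public:
    Dispatcher() : hasOwner_(false), owner_(0) {}
    void connect(ClientId id) { outbox_[id]; }
    void disconnect(ClientId id) {
        outbox_.erase(id);
        if (hasOwner_ && owner_ == id) hasOwner_ = false;  // session ends with its owner
    }
    // Remember which client asked to enter memory management mode.
    bool startMemMgmt(ClientId id) {
        if (outbox_.count(id) == 0 || hasOwner_) return false;
        owner_ = id;
        hasOwner_ = true;
        return true;
    }
    // Queues the message and returns how many clients it was delivered to.
    std::size_t deliver(const std::string& msg, const std::string& data) {
        const std::string frame = msg + ":" + data;
        if (msg == "memorymgmt_data") {
            if (!hasOwner_) return 0;  // fail closed: never fall back to broadcast
            outbox_[owner_].push_back(frame);
            return 1;
        }
        for (auto& kv : outbox_) kv.second.push_back(frame);  // ordinary broadcast
        return outbox_.size();
    }
    const std::vector<std::string>& received(ClientId id) const { return outbox_.at(id); }
private:
    std::map<ClientId, std::vector<std::string> > outbox_;
    bool hasOwner_;
    ClientId owner_;
};

int main() {
    Dispatcher d;
    d.connect(1);                            // constructed: passive second client
    d.connect(2);                            // constructed: client that starts the session
    d.startMemMgmt(2);
    d.deliver("device_status", "unlocked");  // constructed broadcast message name
    d.deliver("memorymgmt_data", "{...}");   // queued for client 2 only
    return d.received(1).size() == 1 ? 0 : 1;
}
```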