CVE-2022-21718 - OpenCVE

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Electronjs	Electron

Configuration 1 [-]

OR	cpe:2.3:a:electronjs:electron::::::::
	cpe:2.3:a:electronjs:electron::::::::
	cpe:2.3:a:electronjs:electron::::::::
	cpe:2.3:a:electronjs:electron::::::::
	cpe:2.3:a:electronjs:electron:17.0.0:alpha1::::::
	cpe:2.3:a:electronjs:electron:17.0.0:alpha2::::::
	cpe:2.3:a:electronjs:electron:17.0.0:alpha3::::::
	cpe:2.3:a:electronjs:electron:17.0.0:alpha4::::::
	cpe:2.3:a:electronjs:electron:17.0.0:alpha5::::::

References

Link	Resource
https://github.com/electron/electron/pull/32178	Issue Tracking Patch Third Party Advisory
https://github.com/electron/electron/pull/32240	Issue Tracking Patch Third Party Advisory
https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749	Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-03-22T16:25:12

Updated: 2022-03-22T16:25:11

Reserved: 2021-11-16T00:00:00

Link: CVE-2022-21718

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-22T17:15:07.810

Modified: 2023-07-24T13:46:59.967

Link: CVE-2022-21718

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "electron", "vendor": "electron", "versions": [{"status": "affected", "version": "< 13.6.6"}, {"status": "affected", "version": ">= 14.0.0-beta.1, < 14.2.4"}, {"status": "affected", "version": ">= 15.0.0-beta.1, < 15.3.5"}, {"status": "affected", "version": ">= 16.0.0-beta.1, < 16.0.6"}, {"status": "affected", "version": ">= 17.0.0-alpha.1, <= 17.0.0-alpha.5"}]}], "descriptions": [{"lang": "en", "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-668", "description": "CWE-668: Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-22T16:25:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/electron/electron/pull/32178"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/electron/electron/pull/32240"}], "source": {"advisory": "GHSA-3p22-ghq8-v749", "discovery": "UNKNOWN"}, "title": "Renderers can obtain access to random bluetooth device without permission in Electron", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-21718", "STATE": "PUBLIC", "TITLE": "Renderers can obtain access to random bluetooth device without permission in Electron"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "electron", "version": {"version_data": [{"version_value": "< 13.6.6"}, {"version_value": ">= 14.0.0-beta.1, < 14.2.4"}, {"version_value": ">= 15.0.0-beta.1, < 15.3.5"}, {"version_value": ">= 16.0.0-beta.1, < 16.0.6"}, {"version_value": ">= 17.0.0-alpha.1, <= 17.0.0-alpha.5"}]}}]}, "vendor_name": "electron"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-668: Exposure of Resource to Wrong Sphere"}]}]}, "references": {"reference_data": [{"name": "https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749", "refsource": "CONFIRM", "url": "https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749"}, {"name": "https://github.com/electron/electron/pull/32178", "refsource": "MISC", "url": "https://github.com/electron/electron/pull/32178"}, {"name": "https://github.com/electron/electron/pull/32240", "refsource": "MISC", "url": "https://github.com/electron/electron/pull/32240"}]}, "source": {"advisory": "GHSA-3p22-ghq8-v749", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-21718", "datePublished": "2022-03-22T16:25:12", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2022-03-22T16:25:11", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*", "matchCriteriaId": "4548B4FE-05C7-4B38-9BD9-F687DBFC0393", "versionEndExcluding": "13.6.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*", "matchCriteriaId": "A99CE214-CE9E-4241-B883-7201A737D111", "versionEndExcluding": "14.2.4", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*", "matchCriteriaId": "619E557E-1349-4591-B668-A50BF968C28A", "versionEndExcluding": "15.3.5", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1B857C2-D1BD-4605-ABE1-497BDD5A4825", "versionEndExcluding": "16.0.6", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:17.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "75600E5E-B4CB-4924-9CFD-E2877FFCCB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:17.0.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "AB42380B-2AE9-481E-BF57-1014E613D7AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:17.0.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "4F76DDDC-1924-45C6-AB59-BD7BEA604098", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:17.0.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "9C58C2CC-E9C0-4751-8254-41CFCDD24982", "vulnerable": true}, {"criteria": "cpe:2.3:a:electronjs:electron:17.0.0:alpha5:*:*:*:*:*:*", "matchCriteriaId": "E72DDD37-90EF-4517-8AEF-C3B584269C62", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue."}, {"lang": "es", "value": "Electron es un marco de trabajo para escribir aplicaciones de escritorio multiplataforma usando JavaScript, HTML y CSS. Una vulnerabilidad en las versiones anteriores a \"17.0.0-alpha.6\", \"16.0.6\", \"15.3.5\", \"14.2.4\" y \"13.6.6\" permite a renderizadores obtener acceso a un dispositivo bluetooth por medio de la API bluetooth de la web si la aplicaci\u00f3n no ha configurado un controlador de eventos personalizado \"select-bluetooth-device\". Esto ha sido parcheado y las versiones de Electron \"17.0.0-alpha.6\", \"16.0.6\", \"15.3.5\", \"14.2.4\" y \"13.6.6\" contienen la correcci\u00f3n. El c\u00f3digo del aviso de seguridad de GitHub puede a\u00f1adirse a la aplicaci\u00f3n para mitigar el problema"}], "id": "CVE-2022-21718", "lastModified": "2023-07-24T13:46:59.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-03-22T17:15:07.810", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/electron/electron/pull/32178"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/electron/electron/pull/32240"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "security-advisories@github.com", "type": "Secondary"}]}