CVE-2021-32665

8.8 HIGH

📋 TL;DR

This vulnerability in the Wire iOS messaging app incorrectly marks verified conversations as unverified when users are added, potentially causing users to miss security warnings. It affects Wire iOS app users on versions 3.8.0 and earlier. The bug undermines the app's verification system, which ensures secure communications.

💻 Affected Systems

Products:
  • Wire iOS
Versions: 3.8.0 and earlier
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects conversations where all participants were previously marked as verified before user addition.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users might unknowingly communicate with unverified devices, potentially exposing sensitive conversations to man-in-the-middle attacks or unauthorized participants.

🟠 Likely Case

Users experience confusion about conversation security status and may ignore legitimate security warnings due to false positives.

🟢 If Mitigated

With proper user awareness and verification practices, the risk is limited to inconvenience rather than actual compromise.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires being added to conversations with verified participants, making it context-dependent rather than universally exploitable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.8.1

Vendor Advisory: https://github.com/wireapp/wire-ios/security/advisories/GHSA-mc65-7w99-c6qv

Restart Required: Yes

Instructions:

1. Open App Store on iOS device.
2. Search for Wire app.
3. Update to version 3.8.1 or later.
4. Restart the app after update.

🔧 Temporary Workarounds

Manual verification reset

Manually unverify and re-verify devices in affected conversations to restore proper verification status.

🧯 If You Can't Patch

  • Manually verify all devices in conversations after being added to ensure proper security status.
  • Educate users to be cautious about conversation security warnings and verify devices independently.

🔍 How to Verify

Check if Vulnerable:

Check the Wire iOS app version in Settings > About. If the version is 3.8.0 or earlier, the app is vulnerable.

Check Version:

Open Wire app > Settings > About to view version number.

Verify Fix Applied:

After updating to 3.8.1 or later, verify that conversations maintain proper verification status when users are added.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected verification status changes in conversation logs
  • Multiple verification reset events

Network Indicators:

  • Increased verification-related API calls when users join conversations

SIEM Query:

app:"Wire" AND event:"verification_change" AND status:"unverified" AND context:"user_added"
