FlowCrypt has once again teamed up with offensive security firm Cure53, this time to audit our Android application. Given our positive past experiences with Cure53, we were eager to learn what clever exploits they would find in our app so we could protect our users and patch the weaknesses as quickly as possible. They did not disappoint!

So what did they find?

Unencrypted cache exposes plaintext emails

The local app cache contained raw MIME messages of the emails viewed in the app. We fixed this by encrypted the messages in the cache. Additionally, we added a feature expiring cached messages after a certain time period.

HTTP leaks via style attribute on em tag

Senders could include an em tag that used an inline style to call an attacker controlled URL, thus exposing the recipients IP address and request headers (including user agent, for example).

To prevent this, we forbid network requests via WebView settings. And for added robustness, we’ll soon be adding a CSP that would also mitigate this risk.

Arbitrary file-write via attachments

Attachment filenames were not sanitized, allowing an attacker to traverse directories and overwrite arbitrary files on the recipients system. This is by far the most severe vulnerability uncovered in the report, and we’re grateful that Cure53 found it rather than a malicious actor. The fix was easy, we just had to sanitize filenames.

Overly large public keys lead to Denial-of-Service

We did not limit the size of imported keys and the number of included identities.This allowed absurdly large keys, which leads to a persistent Denial-of-Service in the application. To prevent this, we’ve implemented a (still very generous) size limit for public keys

Missing config allows MitM attacks for SMTP/IMAP

This critical vulnerability was possible because the app did not verify the SSL certificates of encrypted connections, allowing attackers to run Man-in-the-Middle attacks against users. We now verify certificates to prevent this kind of attack.

All of the fixes above were confirmed by Cure53 prior to the publication of the report.

FlowCrypt’s partnerships with offensive security firms will continue as we keep striving to make our applications as secure as possible for our users. We pay researchers to find bugs before the attackers can.

Are you a security researcher interested in getting paid to find bugs in our software? Consider participating in our recently launched public bug bounty program! And as always, keep an eye out here on the blog for the latest information on security reviews and new features.