CVE-2022-24738 : Security Advisory and Response

Evmos, the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network, is affected by a critical vulnerability that allows attackers to drain unclaimed funds from user addresses. Users are strongly advised to upgrade to version 2.0.1 to mitigate the risk of exploitation.

Understanding CVE-2022-24738

This vulnerability in Evmos can result in unauthorized access to user funds and poses a high risk to confidentiality and integrity.

What is CVE-2022-24738?

Evmos versions prior to 2.0.1 are susceptible to an attack where an attacker can create a new chain without signature verification and siphon unclaimed funds from user addresses.

The Impact of CVE-2022-24738

The impact of this vulnerability is rated as high, with a CVSS base score of 8.1. Attackers with low privileges can exploit this issue over the network to compromise confidentiality and integrity.

Technical Details of CVE-2022-24738

This section covers specific technical details regarding the vulnerability.

Vulnerability Description

Attackers can drain unclaimed funds by connecting a malicious chain to the target Evmos instance without enforcing signature verification.

Affected Systems and Versions

Product: Evmos
Vendor: Tharsis
Versions Affected: < 2.0.1

Exploitation Mechanism

The attacker must create a new chain that lacks signature verification and link it to the target Evmos instance to transfer unclaimed funds.

Mitigation and Prevention

To protect systems from CVE-2022-24738, immediate actions and long-term security practices are recommended.

Immediate Steps to Take

Upgrade to Evmos version 2.0.1 as soon as possible to prevent attackers from draining unclaimed funds.

Long-Term Security Practices

Regularly update Evmos and other software components to address security vulnerabilities promptly.

Patching and Updates

Stay informed about security advisories and releases from Tharsis to patch known vulnerabilities and enhance system security.