Vulnerabilities in Proton Mail, Skiff and Tutanota

ph00lt0 · September 6, 2023, 8:45pm

Same reaearchers also looked at Skiff and Tutanota. That seemed to be worse and allowed for RCE.

"As part of a 3-post series, we will cover other severe vulnerabilities we found in Skiff and Tutanota Desktop in the coming weeks. Those vulnerabilities could have been used by attackers to steal emails, and in one case even execute arbitrary code on the machines of victims. "

gammexane · September 7, 2023, 5:00am

This is from the last summer and Skiff at lease has fixed it… I remember reading about this on discord last year.

prosperina · September 7, 2023, 11:56am

Yes, it’s been fixed as mentioned in the summary at the beginning. It’s quite an interesting read, though.

Topic		Replies	Views
Windscribe is spreading FUD about Proton Privacy	5	956	May 24, 2024
Arc Browser RCE Vulnerability (CVE-2024-45489) Off Topic	29	985	September 24, 2024
Still receiving spam from Skiff on recovery email address Privacy	7	764	January 9, 2024
Skiff Mail Tool Suggestions	4	2227	January 10, 2023
BSI discovers serious vulnerabilities in Mastodon, some minor ones in Matrix Privacy	0	105	September 3, 2024

Vulnerabilities in Proton Mail, Skiff and Tutanota

Related topics