Avatar
Sebcurity 2y ago

# [Code Vulnerabilities Put Proton Mails at Risk](https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/)

### Paul Gerste

### VULNERABILITY RESEARCHER

September 5, 2023

12 MIN READ

-----

## Key Information

__Key Information__

+ In June 2022, the Sonar Research team discovered critical code vulnerabilities in multiple encrypted email solutions, including Proton Mail, Skiff, and Tutanota.

+ These privacy-oriented webmail services provide end-to-end encryption, making communications safe in transit and at rest. Our findings affect their web clients, where the messages are decrypted, mobile clients were not affected.

+ The vulnerabilities would have allowed attackers to steal emails and impersonate victims if they interacted with malicious messages.

+ Nearly 70 million users were at risk on Proton Mail alone.

+ Thanks to our report, the issue has been fixed and there are no signs of in-the-wild exploitation.

-----

#security #news #protonmail #tutanota #skiff #email

Reply to this note

Please Login to reply.

Discussion

No replies yet.