Impact
Clients that experience a MITM attack during the pairing process may inadvertently allow access to an unintended client rather than failing authentication due to a PIN validation error.
This may result when:
- The user attempts to pair to Sunshine using Moonlight or another client.
- An attacker performs a MITM attack on this legitimate pairing attempt by forwarding a forged pairing request with a new PIN and the attacker's certificate to the host PC.
- The user types the original PIN from the legitimate pairing attempt into the Sunshine UI.
Expected result:
The pairing attempt fails due to the incorrect PIN and no new clients are authorized.
Actual result:
The pairing attempt fails due to the incorrect PIN, but the certificate from the forged pairing attempt is incorrectly persisted prior to the completion of the pairing request. As a result, the client holding the attacker's certificate is allowed access.
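The ordering flaw described above, modelled as an added example (not Sunshine's code): the host either trusts the certificate when the request arrives or only after the PIN check succeeds. The class, function names, PINs and certificate strings are hypothetical and constructed, and the plain PIN comparison is a stand-in for the real protocol's PIN-dependent check.

```cpp
#include <map>
#include <set>
#include <string>

// Hypothetical, simplified model of a pairing host (assumption, not Sunshine's code).
// The PIN comparison stands in for the real protocol's PIN-dependent check.
struct PairSession {
  std::string client_cert;  // certificate presented in the pairing request
  std::string request_pin;  // PIN the requesting client used
};

class PairingHost {
public:
  explicit PairingHost(bool persist_early) : persist_early_(persist_early) {}
  // A pairing request arrives (possibly forged by a MITM).
  int begin_pairing(const std::string &cert, const std::string &pin) {
    int id = next_id_++;
    sessions_[id] = PairSession{cert, pin};
    if (persist_early_) authorized_.insert(cert);  // flawed: trusted before PIN check
    return id;
  }
  // The user types a PIN into the host UI; pairing succeeds only on a match.
  bool complete_pairing(int id, const std::string &typed_pin) {
    auto it = sessions_.find(id);
    if (it == sessions_.end()) return false;
    PairSession s = it->second;
    sessions_.erase(it);  // a session is single-use, pass or fail
    if (s.request_pin != typed_pin) return false;  // nothing may be persisted here
    authorized_.insert(s.client_cert);  // correct: trusted only after success
    return true;
  }
  bool is_authorized(const std::string &cert) const { return authorized_.count(cert) != 0; }
private:
  bool persist_early_;
  int next_id_ = 1;
  std::map<int, PairSession> sessions_;
  std::set<std::string> authorized_;
};

// Replays the advisory's scenario: forged request, user types the original PIN.
bool forged_cert_authorized(bool persist_early) {
  PairingHost host(persist_early);
  int id = host.begin_pairing("CONSTRUCTED-ATTACKER-CERT", "4821");  // constructed values
  bool paired = host.complete_pairing(id, "1357");  // PIN from the legitimate client
  return !paired && host.is_authorized("CONSTRUCTED-ATTACKER-CERT");
}

int main() { return forged_cert_authorized(false) ? 1 : 0; }
```

With `persist_early` set, the pairing attempt fails yet the certificate stays authorized, which is the "actual result" above; with it cleared, the failed attempt leaves no trace, which is the "expected result".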
Affected Versions and Patches
There are no affected stable release builds.
Pre-release Sunshine builds between the merge of PR #2042 (May 27, 2024 20:43 UTC) and fd7e684 (September 10, 2024 00:14 UTC) are affected.
Patch: fd7e684