Group Chat Vulnerability in LINE Client for iOS by LINE Corporation
CVE-2022-41568

7.5HIGH

Key Information:

Vendor: Line Corporation
Status: Line Client For iOS
Vendor: CVE Published:; 29 November 2022

🔔 Create Line Corporation Vulnerability Alert

What is CVE-2022-41568?

The LINE client for iOS versions prior to 12.17.0 contains a vulnerability that allows an attacker to crash the application by sharing an invalid End-to-End Encryption (E2EE) key within group chats. This can disrupt user experience and compromise the functionality of the app, potentially impacting communication in group settings.

Affected Version(s)

LINE client for iOS <

References

https://hackerone.com/reports/1701642

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 29, 2022
Vulnerability Reserved
Sep 26, 2022