CVE-2022-1197 in Thunderbird

Summary

by MITRE • 12/22/2022

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.


Analysis

by VulDB Data Team • 04/29/2025

This vulnerability in Thunderbird represents a critical flaw in the OpenPGP key management system that undermines the security integrity of cryptographic communications. The issue specifically impacts how the email client handles revoked keys during the import process, creating a scenario where the system fails to properly update the status of existing keys. When a user attempts to import a revoked key with a key compromise reason, Thunderbird incorrectly maintains the original key's non-revoked status, effectively allowing potentially compromised cryptographic material to remain trusted within the system. This behavior directly violates fundamental security principles of key management and certificate validation, as it enables the persistence of revoked cryptographic entities that should no longer be considered valid for secure communications.

The technical nature of this vulnerability stems from an incomplete implementation of key revocation handling logic within Thunderbird's OpenPGP subsystem. According to CWE-254, this represents a weakness in the security model where the system fails to properly validate or update cryptographic key states during import operations. The flaw specifically manifests when processing revocation statements with the key compromise reason, which is one of the standard revocation reason codes defined in RFC 4880 for OpenPGP implementations. The system correctly processes other revocation reasons or revocations without specified reasons, indicating that the issue is narrowly focused on the key compromise scenario. This selective failure creates a dangerous inconsistency in the key management system where certain types of revocations are properly handled while others are ignored, leading to a false sense of security for users who rely on the system's cryptographic integrity.

The operational impact of this vulnerability extends beyond simple user inconvenience to represent a significant threat to the confidentiality and integrity of encrypted communications. When compromised keys remain trusted in the system, attackers who have obtained access to private keys can continue to impersonate legitimate users, decrypt past communications, or perform man-in-the-middle attacks without detection. This vulnerability particularly affects users who rely on Thunderbird for secure email communication and key management, as it undermines the trust model that cryptographic systems depend upon. The issue affects all versions prior to 91.8, meaning that users who have not updated their software remain vulnerable to attacks that exploit this inconsistency in key revocation handling. According to ATT&CK framework category T1552, this vulnerability could enable credential access and data encryption for impact, as compromised keys can be used to gain unauthorized access to encrypted communications and potentially decrypt sensitive information.

The mitigation strategy for this vulnerability requires immediate software updates to Thunderbird version 91.8 or later, which contains the necessary fixes to properly handle key compromise revocations. System administrators and users should prioritize updating their Thunderbird installations to eliminate the risk of continued trust in compromised keys. Additionally, organizations should conduct thorough key revocation audits to identify and remove any compromised keys that may have been imported but not properly updated. Security teams should implement monitoring procedures to detect potential misuse of compromised cryptographic material and consider implementing additional verification steps when dealing with imported keys. The fix addresses the core issue by ensuring that when a revoked key is imported, the system properly updates the existing key's status regardless of the revocation reason, maintaining consistency in the cryptographic trust model and preventing the persistence of compromised keys that could be exploited by malicious actors.
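The following is a runnable model of the import-merge step that the analysis describes, added here as an illustration; it is not Thunderbird's code. The Key, RevocationSignature and Keyring types, the merge_buggy and merge_fixed functions, the audit helper and the fingerprint are all constructed for the example; only the Reason for Revocation codes come from RFC 4880. merge_buggy reproduces the observed effect (a revocation carrying the key-compromise reason leaves the already stored copy trusted) without claiming to mirror Thunderbird's actual code path, merge_fixed applies any revocation whatever its reason, and audit implements the revocation audit the mitigation paragraph recommends, so it goes slightly beyond the single scenario in the text by exercising every reason code.

```python
"""Model of how an OpenPGP keyring merges an imported, revoked copy of a key.

Constructed example illustrating the CVE-2022-1197 behaviour. Not Thunderbird's
code: Key, RevocationSignature and Keyring are simplifications of OpenPGP
packets, and the merge functions model the described effect, not the real fix.
"""
from dataclasses import dataclass
from typing import Callable, Optional

# Reason for Revocation subpacket codes, RFC 4880 section 5.2.3.23
REASON_NONE_GIVEN = 0x00   # "No reason specified"
REASON_SUPERSEDED = 0x01   # "Key is superseded"
REASON_COMPROMISED = 0x02  # "Key material has been compromised"
REASON_RETIRED = 0x03      # "Key is retired and no longer used"
REASON_UID_INVALID = 0x20  # "User ID information is no longer valid"


@dataclass(frozen=True)
class RevocationSignature:
    # None models a revocation signature with no Reason for Revocation subpacket
    reason: Optional[int]
    comment: str = ""


@dataclass
class Key:
    fingerprint: str
    revocation: Optional[RevocationSignature] = None

    @property
    def revoked(self) -> bool:
        return self.revocation is not None


def merge_buggy(existing: Key, imported: Key) -> Key:
    """Reproduces the reported behaviour: a revocation with the key-compromise
    reason is not applied to the stored copy, which stays non-revoked."""
    if existing.revoked or imported.revocation is None:
        return existing
    if imported.revocation.reason == REASON_COMPROMISED:
        return existing  # stored copy kept as non-revoked (the defect)
    existing.revocation = imported.revocation
    return existing


def merge_fixed(existing: Key, imported: Key) -> Key:
    """Corrected merge: any revocation on the imported copy is applied,
    regardless of the reason code it carries (or whether it carries one)."""
    if imported.revocation is not None and not existing.revoked:
        existing.revocation = imported.revocation
    return existing


class Keyring:
    def __init__(self, merge: Callable[[Key, Key], Key]) -> None:
        self._keys: dict[str, Key] = {}
        self._merge = merge

    def has(self, fingerprint: str) -> bool:
        return fingerprint in self._keys

    def import_key(self, key: Key) -> Key:
        if key.fingerprint not in self._keys:
            self._keys[key.fingerprint] = Key(key.fingerprint, key.revocation)
        else:
            self._merge(self._keys[key.fingerprint], key)
        return self._keys[key.fingerprint]

    def usable_for_encryption(self, fingerprint: str) -> bool:
        # A revoked key must never be offered as an encryption target
        return not self._keys[fingerprint].revoked


def audit(keyring: Keyring, seen: dict[str, RevocationSignature]) -> list[str]:
    """Revocation audit: given revocation statements that were imported earlier,
    list the fingerprints the keyring still treats as usable."""
    return [fp for fp in seen if keyring.has(fp) and keyring.usable_for_encryption(fp)]


def demonstrate() -> dict:
    """Import a non-revoked key, then a revoked copy, under both merge policies
    and every reason code; returns {(policy, reason): still_usable}."""
    fp = "0123456789ABCDEF0123456789ABCDEF01234567"  # constructed fingerprint
    results = {}
    reasons = (None, REASON_NONE_GIVEN, REASON_SUPERSEDED, REASON_COMPROMISED,
               REASON_RETIRED, REASON_UID_INVALID)
    for name, merge in (("buggy", merge_buggy), ("fixed", merge_fixed)):
        for reason in reasons:
            ring = Keyring(merge)
            ring.import_key(Key(fp))
            ring.import_key(Key(fp, RevocationSignature(reason, "constructed")))
            results[(name, reason)] = ring.usable_for_encryption(fp)
    return results


if __name__ == "__main__":
    for (policy, reason), usable in demonstrate().items():
        print(f"{policy:5} reason={reason!s:4} still usable: {usable}")
```

Only the buggy policy combined with the key-compromise reason leaves the key usable, matching the narrow failure the summary describes; the audit helper re-checks stored revocation statements against the keyring so that a copy imported under the defective behaviour can be found and removed after upgrading.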

Reservation: 03/31/2022

Disclosure: 12/22/2022

Moderation: accepted

CPE: ready

EPSS: 0.00373

KEV: no

Activities: very low

Sources
