How To Fix Digital Signature Spoofing Vulnerabilities In LibreOffice- CVE-2021-25633, CVE-2021-25634, CVE-2021-25635?

On Oct 11, LibreOffice rolled out security updates to fix new digital signature spoofing vulnerabilities in the LibreOffice suite. Let’s see the impact of Digital Signature Spoofing attacks and how to fix the three new digital signature spoofing vulnerabilities in LibreOffice tracked as CVE-2021-25633, CVE-2021-25634, and CVE-2021-25635.

Summary Of The New Digital Signature Spoofing Vulnerabilities In LibreOffice:

Total three vulnerabilities were recently discovered on LibreOffice, which could be used to manipulate the content of the document to make them appear as they are digitally signed by a trusted source.

• CVE-2021-25633 Content Manipulation with Double Certificate Attack
• CVE-2021-25634 Timestamp Manipulation with Signature Wrapping Attack
• CVE-2021-25635 Content Manipulation with Certificate Validation Attack

#1. CVE-2021-25633:

LibreOffice supports digital signatures of ODF documents to retain the integrity of the document. This feature confirms the receepient of the document that no alteration has occurred since the last signing.

This vulnerability allows attackers to manipulate content to carry out a Double Certificate Attack. An attacker could leverage this CVE-2021-25633 Double Certificate vulnerability to manipulate the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, making the document appear as the document is digitally signed with a trusted certificate.

This vulnerability has been fixed in LibreOffice 7.0.6/7.1.2

#2. CVE-2021-25634:

This vulnerability allows attackers to manipulate timestamps to carry out the Signature Wrapping Attack. An attacker could leverage this CVE-2021-25634 Signature Wrapping vulnerability to insert an additional signing time timestamp, making an invalid or expired certificate appear as a valid one.

This vulnerability has been fixed in LibreOffice 7.0.6/7.1.2

#3. CVE-2021-25635:

This vulnerability allows attackers to manipulate content to carry out the Certificate Validation Attack. An attacker could leverage this CVE-2021-25633 Certificate Validation vulnerability to sign an ODF document with a self-signed certificate or a certificate issued by an untrusted certificate authority, and then the attacker would change the signature algorithm with an invalid algorithm. This allows attackers to incorrectly present a signature with an unknown algorithm as a valid signature issued by a trusted party.

This vulnerability has been fixed in LibreOffice v7.0.5/7.1.1.

How To Fix Digital Signature Spoofing Vulnerabilities In LibreOffice?

All the three vulnerabilities CVE-2021-25633, CVE-2021-25634, and CVE-2021-25635, can be fixed by upgrading to LibreOffice to 7.1.2. It is always a good practice to upgrade applications to the latest stable version. Let see how to upgrade LibreOffice to v 7.2.1.2.

We hope this post will help you in fixing the three new digital signature spoofing vulnerabilities in LibreOffice tracked as CVE-2021-25633, CVE-2021-25634, and CVE-2021-25635.

Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.

• 10 new Apple’s Privacy & Security Features to its upcoming versions of iOS and macOS
• Researchers Identified New Chinese Spying Campaign targeting Southeast Asia
• How to Create a Certificate Signing Request on a Linux Server?
• What is a PKI Certificate? What Are The Different Types of PKI certificates?
• A Critical RCE PowerShell Vulnerability – Upgrade PowerShell at the earliest