These vulnerabilities could allow a threat actor to illegally access customers sensitive data.
The vulnerabilities pervading E2EE cloud storage highlight a critical blind spot in our grasp of the field.
This contradicted the platforms marketing claims and gave customers a false sense of security regarding their data security.
Indeed, our attacks are highly practical and can be carried out without significant resources, the researchers added.
On the other hand, Seafile has promised to patch the protocol downgrade issue with a future update.
Weve also reached out to the research team to share findings and collaborate on thenext steps.
source: www.techworm.net
