Lack of Hardening against media exploitation from a remote origin
Description
Mattermost Desktop fails to prompt for consent on sensitive media permissions, allowing a malicious server to access camera/microphone without user awareness.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Mattermost Desktop versions prior to the fix do not correctly handle permission requests for sensitive media devices (camera, microphone) and do not prompt the user for consent before granting them. This allows a malicious Mattermost server to obtain media access without the user's explicit approval. The affected versions are not explicitly listed in the available reference [1], but the issue is present in the desktop application.
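Mattermost Desktop is an Electron application, and Electron approves every permission request by default unless the application installs its own session permission-request handler; the missing consent step described above lives in that handler. The following is an added example, not Mattermost's code or its actual fix, of a handler that denies by default, ignores origins the user has not configured as a server, and records consent per origin and per media type; the `promptUser` hook and the trusted-origin set are assumptions for illustration.

```javascript
// Added example, not Mattermost's code: a consent-gated media-permission policy
// for an Electron desktop client. Electron's ses.setPermissionRequestHandler(fn)
// invokes fn(webContents, permission, callback, details); for permission
// 'media', details.requestingUrl is the requesting page's URL and
// details.mediaTypes lists 'audio' and/or 'video'.

// Parse the origin defensively: an unparsable URL must never count as trusted.
function safeOrigin(url) {
  try { return new URL(url).origin; } catch { return null; }
}

// Consent is keyed by origin AND media type, so a microphone grant for one
// server never covers its camera, and never covers a different server.
const grantKey = (origin, mediaType) => `${origin}|${mediaType}`;

function requestedTypes(details) {
  return Array.isArray(details.mediaTypes) && details.mediaTypes.length
    ? details.mediaTypes
    : ['audio', 'video']; // unspecified: assume the broadest request
}

// Pure policy decision (unit-testable without Electron): allow only when the
// origin is one the user configured as a server AND every requested type has
// an explicit grant on record.
function decideMediaPermission(details, trustedOrigins, grants) {
  const origin = safeOrigin(details.requestingUrl);
  if (!origin || !trustedOrigins.has(origin)) return false;
  return requestedTypes(details).every((t) => grants.has(grantKey(origin, t)));
}

// Wire the policy into a session (e.g. electron.session.defaultSession).
// promptUser(origin, types) is an assumed hook that shows a native dialog and
// synchronously returns true only if the user approved this specific request.
function installPermissionHandler(session, trustedOrigins, promptUser) {
  const grants = new Set();
  session.setPermissionRequestHandler((_webContents, permission, callback, details) => {
    if (permission !== 'media') return callback(false); // default deny everything else
    const origin = safeOrigin(details.requestingUrl);
    if (!origin || !trustedOrigins.has(origin)) return callback(false); // remote/unknown origin
    const types = requestedTypes(details);
    // Prompt on first use of each origin+type. A refusal is deliberately not
    // remembered, so the user is asked again rather than silently denied.
    if (!decideMediaPermission(details, trustedOrigins, grants) && promptUser(origin, types)) {
      types.forEach((t) => grants.add(grantKey(origin, t)));
    }
    callback(decideMediaPermission(details, trustedOrigins, grants));
  });
  return grants;
}
```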
Exploitation
An attacker who controls a Mattermost server that the desktop client connects to can have the server's content request access to the client's media devices. Because the client does not prompt for consent, media capture can begin without any user interaction. No authentication beyond the ability to serve content to the user is required.
Impact
Successful exploitation allows the attacker to capture audio and video from the user's device, leading to unauthorized surveillance and potential disclosure of sensitive information. The compromise occurs at the user's privilege level, as the desktop app runs with the user's permissions.
Mitigation
Mattermost has released security updates to address this issue. Users should update to the latest version of Mattermost Desktop as indicated on the security updates page [1]. No workaround is available if the update is not applied.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.