Cyber Posture

CVE-2026-32318

High

Published: 20 March 2026

Modified: 26 March 2026
KEV Added
Patch
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)
EPSS Score: 0.0001 (2.8th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-32318 is a high-severity Origin Validation Error (CWE-346) vulnerability in Cryptomator (vendor: Cryptomator). Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Adversary-in-the-Middle (T1557). The CVE ranks at the 2.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Adversary-in-the-Middle (T1557) and one other technique.
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

Directly requires integrity verification mechanisms for configuration files like vault.cryptomator to detect tampering prior to trusting endpoints for Hub key loading.

prevent

Mandates protection of communications session authenticity, including host verification, to mitigate man-in-the-middle vulnerabilities during key loading from potentially malicious endpoints.

prevent

Ensures identification, reporting, and correction of flaws such as the missing integrity checks and endpoint validation in Cryptomator versions prior to 2.8.3 via timely patching.

MITRE ATT&CK Enterprise Techniques (AI)

T1557 Adversary-in-the-Middle Credential Access
Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique to support follow-on behaviors such as [Network Sniffing](https://attack.
T1528 Steal Application Access Token Credential Access
Adversaries can steal application access tokens as a means of acquiring credentials to access remote systems and resources.
Why these techniques?

Vulnerability directly enables MITM (T1557) via tampered vault config redirecting auth traffic to attacker endpoints without validation; facilitates token exfiltration (T1528) during Hub key loading with high confidentiality impact.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Cryptomator for iOS offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 2.8.3, an integrity check vulnerability allows an attacker to tamper with the vault configuration file, leading to a man-in-the-middle vulnerability in the Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 2.8.3.

Deeper analysis (AI)

CVE-2026-32318 is an integrity check vulnerability in Cryptomator for iOS, a multi-platform client-side encryption tool for cloud-stored files, affecting versions prior to 2.8.3. The flaw allows attackers to tamper with the vault.cryptomator configuration file, resulting in a man-in-the-middle vulnerability during the Hub key loading mechanism. Prior to the fix, the client trusted endpoints from the vault config without host authenticity checks, enabling manipulation such as mixing legitimate authentication endpoints with malicious API endpoints. The issue is linked to CWE-346 (Origin Validation Error), CWE-354 (Insufficient Cryptographic Interface), CWE-451 (User Interface Misrepresentation), and CWE-923 (Improper Restriction of Communication Channel to Intended Endpoints).

Exploitation requires an attacker with low privileges (PR:L) who can alter the vault.cryptomator file, typically in environments like shared or compromised cloud storage, combined with network access (AV:N), low attack complexity (AC:L), and user interaction (UI:R) such as unlocking a Hub-backed vault. Successful attacks enable token exfiltration by redirecting authentication traffic to attacker-controlled endpoints, achieving high confidentiality impact (C:H) with low integrity (I:L) and no availability (A:N) effects, within a changed scope (S:C). The CVSS v3.1 base score is 7.6, highlighting moderate to high risk for affected users.

Mitigation is provided in Cryptomator for iOS version 2.8.3, which patches the integrity checks and endpoint validation. The GitHub security advisory (GHSA-g7fr-c82r-hm6j), pull request #444, commit 98c31280304af65c0932eb547d5fe4be2d16929c, and release notes for v2.8.3 detail the fix; users should update immediately to prevent exploitation.
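
The endpoint validation discussed above can be illustrated from the defender's side. The following is an added example, not code from Cryptomator or from its 2.8.3 fix: it rejects a Hub configuration unless every endpoint, not only the auth endpoint, is HTTPS and resolves to a pinned host. The field names (`authEndpoint`, `tokenEndpoint`, `apiBaseUrl`), the example hosts, and the idea that trusted hosts are pinned out-of-band are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed (hypothetical) names for the Hub endpoint fields of a vault config.
ENDPOINT_FIELDS = ("authEndpoint", "tokenEndpoint", "apiBaseUrl")

# Constructed sample data: hosts the deployment pinned out-of-band, never read
# from the vault file itself.
TRUSTED_HOSTS = {"login.example.org", "hub.example.org"}
GOOD = {
    "authEndpoint": "https://login.example.org/realms/hub/auth",
    "tokenEndpoint": "https://login.example.org/realms/hub/token",
    "apiBaseUrl": "https://hub.example.org/api/",
}
# The case the page describes: legitimate auth endpoint, foreign API endpoint.
MIXED = dict(GOOD, apiBaseUrl="https://hub.example.net/api/")


def endpoint_problem(url, trusted_hosts):
    """Return why a URL must not be trusted, or None if it passes."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return "unparseable URL"
    if parts.scheme != "https":
        return "scheme is not https"
    if not host:
        return "no host"
    if parts.username is not None or parts.password is not None:
        return "userinfo in authority"
    if host.rstrip(".") not in trusted_hosts:
        return f"host {host} is not pinned"
    return None


def audit_hub_config(hub, trusted_hosts=TRUSTED_HOSTS):
    """Map each failing endpoint field to the reason it was rejected."""
    trusted = {h.lower() for h in trusted_hosts}
    findings = {}
    for field in ENDPOINT_FIELDS:
        value = hub.get(field)
        reason = (endpoint_problem(value, trusted) if isinstance(value, str)
                  else "missing or not a string")
        if reason:
            findings[field] = reason
    return findings


def may_unlock(hub, trusted_hosts=TRUSTED_HOSTS):
    """Refuse the unlock flow unless every endpoint passes, not just the auth one."""
    return not audit_hub_config(hub, trusted_hosts)
```

Checking each field independently is what catches the mixed configuration: a valid auth endpoint does not vouch for the API endpoint beside it.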

Details

CWE(s)

Affected Products

cryptomator / cryptomator: ≤ 2.8.2

CVEs Like This One

CVE-2026-32303 (same product: Cryptomator Cryptomator)
CVE-2026-32317 (same product: Cryptomator Cryptomator)
CVE-2026-32309 (same product: Cryptomator Cryptomator)
CVE-2024-44238 (same product: Apple Iphone Os)
CVE-2024-44276 (same product: Apple Iphone Os)
CVE-2025-31229 (same product: Apple Iphone Os)
CVE-2024-44136 (same product: Apple Iphone Os)
CVE-2026-28858 (same product: Apple Iphone Os)
CVE-2025-24200 (same product: Apple Iphone Os)
CVE-2026-28874 (same product: Apple Iphone Os)
