The combination of chaining the vulnerabilities described below allows
a malicious exit node operator or global adversary to conduct a silent
remote code execution attack on all platforms of the Tor Browser. This
attack is not limited to just being hypothetical in nature and
evidence shows that this attack has already been possible for a number
of years. The list of vulnerable deployments to this attack includes
the native Tor Browser for Windows, Linux, OSX and also includes Tor
Browser installations on dedicated operating systems such as Tails and

The entire security of the Tor Browser ecosystem relies on the
integrity of a single TLS certificate that has already been previously

Efforts to mitigate these types of risks through certificate pinning
appear to not have been correctly implemented with regard to the
extension update process and also appear to provide no protection.

This attack enables arbitrary remote code execution against users
accessing specific clearnet resources when used in combination with a
targeting mechanism; such as by passively monitoring exit node traffic
for traffic destined for specific clearnet resources. Additionally
this attack enables an attacker to conduct exploitation at a massive
scale against all Tor Browser users and to move towards implantation
after selected criteria are met (such as an installed language pack,
public IP address, DNS cache, stored cookie, stored web history, and

Quick financial estimates put the cost to launch such an attack at
roughly $100,000 USD for maximum impact. To put in clearer
perspective; this attack costs an attacker 0.06 USD per compromised
machine given that 1.5 million users operate on Tor at any given time.
Ultimately the combination of all vulnerabilities and the resources
required to stage such an attack is well within the reach of a
nation-state or criminal organization.

Responsible Disclosure Attempts:

This vulnerability was originally described publicly in concept before
the initial confirmation of the feasibility of the attack. Reaction to
the theoretical disclosure was mocked as non-credible by Micah Lee and
Andrea Shepard (individuals associated with the Tor Project

Reply via email to