In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade github.com/cosmos/interchain-security/v5/x/ccv/provider/types
to version 5.2.0 or higher.
Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to missing validation on the ICS
side to check if the signer matches the provider address. This allows an attacker to opt-in, opt-out, change the commission rate, or change what public key a validator uses on a consumer chain.