WhatsApp vulnerability exploited through malicious GIFs to hijack chat sessions
#1


Quote: A vulnerability in WhatsApp that can be used to compromise user chat sessions, files, and messages through malicious GIFs has been disclosed.

The security flaw, CVE-2019-11932, is a double-free bug found in WhatsApp for Android in versions below 2.19.244.


A double-free vulnerability is when the free() parameter is called twice on the same value & argument in software. Memory may then leak or become corrupted, giving attackers the opportunity to overwrite elements.

Such errors can lead to memory leaks, crashes, and the execution of arbitrary code.


In this case, as described by researcher "Awakened" who found the issue, all it took to trigger the vulnerability and perform a Remote Code Execution (RCE) attack was the creation of a malicious GIF file.

According to the researcher's technical writeup on GitHub, the bug can be triggered in two ways. The first, which leads to local privilege escalation, requires a malicious application to already be installed on a target Android device. The app then generates a malicious GIF file used to steal files from WhatsApp through the collection of library data.

The second attack vector requires a user to be exposed to the GIF payload in WhatsApp as an attachment or through other channels. (If a GIF is sent directly through WhatsApp's Gallery Picker, however, the attack will fail.) Once the Gallery View is opened in the messaging application, the GIF file will be parsed twice and trigger a remote shell in the app, leading to successful RCE.

Continue reading HERE
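The double-free pattern the quoted article describes, as an added example that is not part of the original post or the researcher's write-up. It is a generic model, not WhatsApp's code: `struct decoder`, `tracked_malloc` and `tracked_free` are hypothetical names, and the tracking allocator rejects a repeated free instead of executing it.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAX_LIVE 8
static void *live[MAX_LIVE];            /* allocations not yet freed */

static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    for (int i = 0; p && i < MAX_LIVE; i++)
        if (!live[i]) { live[i] = p; return p; }
    free(p);                            /* table full or malloc failed */
    return NULL;
}

/* Returns 0 on a valid free, -1 when p is not live (double or invalid
 * free); in that case free() is NOT called, so the heap stays intact. */
static int tracked_free(void *p) {
    if (!p) return 0;                   /* free(NULL) is a defined no-op */
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return 0; }
    return -1;
}

struct decoder { unsigned char *raster; };   /* hypothetical parser state */

/* Vulnerable pattern: buffer released, owning pointer left dangling. */
static int release_unsafe(struct decoder *d) {
    return tracked_free(d->raster);
}

/* Hardened pattern: clear the pointer so a repeated release is a no-op. */
static int release_safe(struct decoder *d) {
    int rc = tracked_free(d->raster);
    d->raster = NULL;
    return rc;
}

/* Run the release path `passes` times on one buffer, as when the same
 * file is parsed more than once; returns the number of rejected frees. */
static int rejected_frees(int hardened, int passes) {
    struct decoder d = { tracked_malloc(64) };
    int bad = 0;
    if (!d.raster) return -1;
    for (int i = 0; i < passes; i++)
        bad += (hardened ? release_safe(&d) : release_unsafe(&d)) != 0;
    return bad;
}

int main(void) {
    printf("unsafe=%d hardened=%d\n", rejected_frees(0, 2), rejected_frees(1, 2));
    return 0;
}
```

With a plain `free()` in place of `tracked_free()`, the second unsafe release would hand the allocator an address it has already reclaimed, which is the corruption the article refers to.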