Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook

sessions hijack gifs vulnerability chat malicious whatsapp exploited

tarekma7WhatsApp vulnerability exploited through malicious GIFs to hijack chat sessions

Quote:A vulnerability in WhatsApp that can be used to compromise user chat sessions, files, and messages through malicious GIFs has been disclosed.

The security flaw, CVE-2019-11932, is a double-free bug found in WhatsApp for Android in versions below 2.19.244.

A double-free vulnerability is when the free() parameter is called twice on the same value & argument in software. Memory may then leak or become corrupted, giving attackers the opportunity to overwrite elements.

Such errors can lead to memory leaks, crashes, and the execution of arbitrary code.

In this case, as described by researcher "Awakened" who found the issue, all it took to trigger the vulnerability and perform a Remote Code Execution (RCE) attack was the creation of a malicious GIF file.

According to the researcher's technical writeup on GitHub, the bug can be triggered in two ways. The first, which leads to local privilege escalation, requires a malicious application to already be installed on a target Android device. The app then generates a malicious GIF file used to steal files from WhatsApp through the collection of library data.

The second attack vector requires a user to be exposed to the GIF payload in WhatsApp as an attachment or through other channels. (If a GIF is sent directly through WhatsApp's Gallery Picker, however, the attack will fail.) Once the Gallery View is opened in the messaging application, the GIF file will be parsed twice and trigger a remote shell in the app, leading to successful RCE.

Continue reading HERE

Possibly Related Threads…
Thread Author Replies Views Last Post
  At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns Bjyda 0 197 03-11-2021 , 10:36 PM
Last Post: Bjyda
  Europol 'unlocks' encrypted Sky ECC chat service to make arrests Bjyda 0 225 03-11-2021 , 10:34 PM
Last Post: Bjyda
  Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted Bjyda 0 128 02-22-2021 , 10:37 PM
Last Post: Bjyda
  Kremlin hackers are right now exploiting security hole in VMware software to hijack s mrtrout 2 416 12-10-2020 , 07:52 AM
Last Post: divinenews
  Apple fixes three iOS zero-days exploited in the wild mrtrout 0 400 11-06-2020 , 02:47 AM
Last Post: mrtrout

Forum Jump:

Users browsing this thread: 1 Guest(s)