Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Cyber Security

    Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

    justmattgBy justmattgJanuary 12, 2023No Comments3 Mins Read

    [ad_1]

    Jan 12, 2023Ravie LakshmananBrowser Security / Data Safety

    Chromium Browser Security

    Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data.

    “The issue arose from the way the browser interacted with symlinks when processing files and directories,” Imperva researcher Ron Masas said. “Specifically, the browser did not properly check if the symlink was pointing to a location that was not intended to be accessible, which allowed for the theft of sensitive files.”

    Google characterized the medium-severity issue (CVE-2022-3656) as a case of insufficient data validation in File System, releasing fixes for it in versions 107 and 108 released in October and November 2022.

    Dubbed SymStealer, the vulnerability, at its core, relates to a type of weakness known as symbolic link (aka symlink) following, which occurs when an attacker abuses the feature to bypass the file system restrictions of a program to operate on unauthorized files.

    Imperva’s analysis of Chrome’s file handling mechanism (and by extension Chromium) found that when a user directly dragged and dropped a folder onto a file input element, the browser resolved all the symlinks recursively without presenting any warning.

    In a hypothetical attack, a threat actor could trick a victim into visiting a bogus website and downloading a ZIP archive file containing a symlink to a valuable file or folder on the computer, such as wallet keys and credentials.

    When the same symlink file is uploaded back to the website as part of the infection chain – e.g., a crypto wallet service that prompts users to upload their recovery keys – the vulnerability could be exploited to access the actual file storing the key phrase by traversing the symbolic link.

    To make it even more reliable, a proof-of-concept (PoC) devised by Imperva employs CSS trickery to alter the size of the file input element such that the file upload is triggered regardless of where the folder is dropped on the page, effectively allowing for information theft.

    “Hackers are increasingly targeting individuals and organizations holding cryptocurrencies, as these digital assets can be highly valuable,” Masas said. “One common tactic used by hackers is to exploit vulnerabilities in software […] in order to gain access to crypto wallets and steal the funds they contain.”

    Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.



    [ad_2]

    Source link

    Previous ArticleHackers Actively Exploiting Critical “Control Web Panel” RCE Vulnerability
    Next Article What You Need to Know About Alarm Systems
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑