This year at DEF CON 32, two members of the SafeBreach Labs team, Or Yair and Shmuel Cohen will present their research “QuickShell: Sharing is caring about an RCE attack chain on Quick Share” by Or Yair and Shmuel Cohen.” This research will explore Google’s Quick Share, a peer–to-peer data-transfer utility for Android, Windows, and Chrome operating systems. Leveraging communication protocols like Bluetooth, Wi-Fi, Wi-Fi Direct, Web real-time communication (WebRTC), and near-field communication (NFC), Quick Share supports file transfers between compatible, nearby devices.
The research revealed ten vulnerabilities in Quick Share’s Windows application that the researchers were able to assemble into a remote code execution (RCE) attack chain that allowed them to run code on Windows computers with Quick Share installed. In response to the findings, Google assigned two CVEs: one regarding a forced persistent Wi-Fi connection exploit (CVE-2024-38271) and another for a file approval dialog bypass in Windows (CVE-2024-38272). This research reveals the security challenges introduced by the complexity of a data-transfer utility attempting to support so many communication protocols and devices. It also underscores the critical security risks that can be created by chaining seemingly low-risk, known, or unfixed vulnerabilities together.
You can read the research here.
Like this:
Like Loading...
Related
This entry was posted on August 10, 2024 at 3:00 pm and is filed under Commentary with tags DEF CON. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Vulnerabilities In Google’s Quick Share Data Transfer Utility For Windows Outlined At DEF CON
This year at DEF CON 32, two members of the SafeBreach Labs team, Or Yair and Shmuel Cohen will present their research “QuickShell: Sharing is caring about an RCE attack chain on Quick Share” by Or Yair and Shmuel Cohen.” This research will explore Google’s Quick Share, a peer–to-peer data-transfer utility for Android, Windows, and Chrome operating systems. Leveraging communication protocols like Bluetooth, Wi-Fi, Wi-Fi Direct, Web real-time communication (WebRTC), and near-field communication (NFC), Quick Share supports file transfers between compatible, nearby devices.
The research revealed ten vulnerabilities in Quick Share’s Windows application that the researchers were able to assemble into a remote code execution (RCE) attack chain that allowed them to run code on Windows computers with Quick Share installed. In response to the findings, Google assigned two CVEs: one regarding a forced persistent Wi-Fi connection exploit (CVE-2024-38271) and another for a file approval dialog bypass in Windows (CVE-2024-38272). This research reveals the security challenges introduced by the complexity of a data-transfer utility attempting to support so many communication protocols and devices. It also underscores the critical security risks that can be created by chaining seemingly low-risk, known, or unfixed vulnerabilities together.
You can read the research here.
Share this:
Like this:
Related
This entry was posted on August 10, 2024 at 3:00 pm and is filed under Commentary with tags DEF CON. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.