SafeBreach Labs discovers bypass for Google’s Quick Share vulnerability fix
As a follow-up to their DEF CON 32 presentation, "QuickSell: Sharing Is Caring about an RCE Attack Chain on Quick Share," the SafeBreach Labs team has discovered a critical bypass to Google’s fix for one of the vulnerabilities they previously identified in the Quick Share data transfer utility for Windows.
After Google addressed the original vulnerabilities discovered by researchers Or Yair and Shmuel Cohen, the team set out to verify the effectiveness of these fixes. They discovered that the solution implemented for CVE-2024-38272 – a critical vulnerability that allowed attackers to send files directly to users’ devices without approval – could be bypassed. Despite Google’s initial patch, the researchers could still deposit unauthorized files onto target devices by manipulating payload IDs during file transfers.
Even though Google has been responsive to these additional findings and has issued a new CVE along with an updated fix to address the bypass, this research shows the complexity involved in securing data transfer applications and the value of thorough verification testing after security patches are applied.
You can read the research here.
This entry was posted on April 2, 2025 at 11:00 pm and is filed under Commentary with tags SafeBreach Labs.