TREND ANDROID SHAREIT 1B PATCH
We worked quickly to investigate this report, and on February 19, 2021, we released a patch to address the alleged vulnerabilities.Cybersecurity experts have discovered a popular Android app riddled with vulnerabilities has been download one billion times. An attacker can exploit the permissions on SHAREit mobile app to leak sensitive data and remotely execute malicious code. Cybersecurity company Trend Micro analysts, they have recently reported that they found several vulnerabilities in the Shareit application that we use. SHAREit is used to share files between Android users and devices.
SHAREit is owned by Smart Media4U Technology Pte. in Singapore and was previously owned by Lenovo before it was spun off into its own company.Īccording to Trend Micro researchers, the flaw was reported nearly three months ago, but was still not patched as of the time of the report on Monday. “We reported these vulnerabilities to the vendor, who has not responded yet.
We decided to disclose our research three months after reporting this since many users might be affected by this attack because the attacker can steal sensitive data and do anything with the apps’ permission. It is also not easily detectable,” wrote Echo Duan and Jesse Chang from the Trend Micro security team. The Trend Micro report describes the vulnerability details and built proof-of-concept (POC) code on how the malicious code can execute man-in-the-middle attacks and steal sensitive files. Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems June 24, 2022.Search for: Search Categories Categories Archives Archives For instance, Trend Micro found the developer specified a wide storage area root path (e.g., /data/data/ folder), which can be freely accessed by the malicious code.
0 kommentar(er)
