Retail giant Amazon patched a substantial-severity security issue in its Ring application for Android in Might that could have enabled a rogue application installed on a user’s system to obtain sensitive information and camera recordings.
The Ring application for Android has around 10 million downloads and allows users to observe online video feeds from smart home products these as video doorbells, security cameras, and alarm devices. Amazon obtained the doorbell maker for about $1 billion in 2018.
Software security company Checkmarx stated it identified a cross-web page scripting (XSS) flaw that it mentioned could be weaponized as part of an attack chain to trick victims into installing a malicious application.
The application can then be utilized to get hold of the user’s Authorization Token, that can be subsequently leveraged to extract the session cookie by sending this information along with the device’s hardware ID, which is also encoded in the token, to the endpoint “ring[.]com/cell/authorize.”
Armed with this cookie, the attacker can indication in to the victim’s account with no owning to know their password and access all private information connected with the account, including whole title, email deal with, phone quantity, and geolocation info as well as the system recordings.
This is realized by querying the below two endpoints –
- account.ring[.]com/account/handle-heart – Get the user’s individual information and System ID
- account.ring[.]com/api/cgw/evm/v2/record/equipment/Device_ID – Obtain the Ring product knowledge and recordings
Checkmarx reported it reported the issue to Amazon on Might 1, 2022, adhering to which a repair was designed readily available on May possibly 27 in model 3.51.. There is no proof that the issue has been exploited in real-globe assaults, with Amazon characterizing the exploit as “exceptionally complicated” and emphasizing that no consumer details was exposed.
The enhancement will come extra than a thirty day period following the organization moved to handle a severe weak spot affecting its Shots application for Android that could have been exploited to steal a user’s accessibility tokens.
Discovered this article fascinating? Follow THN on Facebook, Twitter and LinkedIn to read through more exceptional information we put up.
Some parts of this article are sourced from:
thehackernews.com