
Critical “Same Origin Policy” Bypass Flaw Found in Samsung Android Browser

A critical vulnerability has been discovered in the browser app that comes pre-installed on hundreds of millions of Samsung Android devices. It could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site.

Identified as CVE-2017-17692, the vulnerability is a Same Origin Policy (SOP) bypass issue that resides in the popular Samsung Internet Browser version 5.4.02.3 and earlier.

The Same Origin Policy, or SOP, is a security feature applied in modern browsers that is designed to make it possible for web pages from the same website to interact while preventing unrelated sites from interfering with each other.

In other words, the SOP makes sure that JavaScript code from one origin cannot access the properties of a website on another origin.
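
The origin comparison described above, as an added example that is not part of the original article: two URLs share an origin only when scheme, host and port all match, and that is the check a browser applies before letting a script in one tab touch the document in another. The function names and sample URLs are constructed for illustration, and this simplified model treats every non-HTTP(S) URL as cross-origin.

```javascript
// Added illustration, not code from the article or from any browser.
// All function names and sample URLs here are hypothetical.

// Default ports, so https://host/ and https://host:443/ compare equal.
const DEFAULT_PORTS = new Map([["http:", "80"], ["https:", "443"]]);

// Reduce a URL to its (scheme, host, port) tuple.
// Returns null for unparsable input and for non-HTTP(S) schemes, which this
// simplified model treats as matching nothing.
function originTuple(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (err) {
    return null;
  }
  if (!DEFAULT_PORTS.has(url.protocol)) return null;
  // The URL parser already lowercases the host and drops a default port.
  const port = url.port || DEFAULT_PORTS.get(url.protocol);
  return { scheme: url.protocol, host: url.hostname, port };
}

function sameOrigin(urlA, urlB) {
  const a = originTuple(urlA);
  const b = originTuple(urlB);
  if (a === null || b === null) return false;
  return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
}

// The decision the SOP requires when a script running in the opener tab
// tries to read or rewrite the document of a tab it opened.
function scriptAccessDecision(openerUrl, targetUrl) {
  return sameOrigin(openerUrl, targetUrl) ? "allow" : "deny";
}

// Constructed sample pairs: [opener page, page in the opened tab].
const SAMPLES = [
  ["https://attacker.example/page.html", "https://www.google.com/"],
  ["https://mail.example.com/inbox", "https://mail.example.com:443/compose"],
  ["http://mail.example.com/", "https://mail.example.com/"],
  ["https://example.com/", "https://mail.example.com/"],
  ["https://example.com:8443/", "https://example.com/"],
  ["data:text/html,hi", "https://example.com/"],
];

function evaluateSamples() {
  return SAMPLES.map(([opener, target]) => scriptAccessDecision(opener, target));
}

console.log(evaluateSamples());
```

Only the second pair is allowed: the explicit default port is normalized away, while a different scheme, subdomain or port each makes the origins differ.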

The SOP bypass vulnerability in the Samsung Internet Browser, discovered by Dhiraj Mishra, could allow a malicious website to steal data, such as passwords or cookies, from the sites opened by the victim in different tabs.

“When the Samsung Internet browser opens a brand new tab in a given domain (say, google.com) through a Javascript action, that Javascript can come in after the fact and rewrite the contents of that page with whatever it wants,” researchers from security firm Rapid7 explained.

“That is a no-no in browser design since it means that Javascript can violate the Same-Origin Policy, and can direct Javascript actions from one site (controlled by the attacker) to act inside the context of another site (the one the attacker is interested in). Essentially, the attacker can insert custom Javascript into any domain, provided the victim user visits the attacker-controlled web page first.”

Attackers can even snag a copy of your session cookie or hijack your session and read and write webmail on your behalf.

Mishra reported the vulnerability to Samsung, and the company replied that “the patch is already preloaded in our upcoming model Galaxy Note 8, and the application will be updated via Apps store update in October.”

Meanwhile, Mishra, with the help of Tod Beardsley and Jeffrey Martin from the Rapid7 team, also released an exploit for Metasploit Framework.

Rapid7 researchers have also published a video demonstrating the attack.

Since the Metasploit exploit code for the SOP bypass vulnerability in the Samsung Internet Browser is now publicly available, anyone with less technical knowledge can use and exploit the flaw on a large number of Samsung devices, most of which are still using the old Android Stock browser.
