
Critical Same Origin Policy Bypass Flaw Found in Samsung Android Browser

A critical vulnerability has been discovered in the browser app that comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site.

Identified as CVE-2017-17692, the vulnerability is a Same Origin Policy (SOP) bypass issue that resides in the popular Samsung Internet Browser version 5.4.02.3 and earlier.

The Same Origin Policy or SOP is a security feature applied in modern browsers that is designed to make it possible for web pages from the same website to interact while preventing unrelated sites from interfering with each other.

In other words, the SOP makes sure that the JavaScript code from one origin should not be able to access the properties of a website on another origin.

The SOP bypass vulnerability in the Samsung Internet Browser, discovered by Dhiraj Mishra, could allow a malicious website to steal data, such as passwords or cookies, from the sites opened by the victim in different tabs.

"When the Samsung Internet browser opens a new tab in a given domain (say, google.com) through a Javascript action, that Javascript can come in after the fact and rewrite the contents of that page with whatever it wants," researchers from security firm Rapid7 explained.

"This is a no-no in browser design since it means that Javascript can violate the Same-Origin Policy, and can direct Javascript actions from one site (controlled by the attacker) to act in the context of another site (the one the attacker is interested in). Essentially, the attacker can insert custom Javascript into any domain, provided the victim user visits the attacker-controlled web page first."

Attackers can even snag a copy of your session cookie or hijack your session and read and write webmail on your behalf.
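The origin comparison that the Same Origin Policy relies on, applied to a script-opened tab, modelled here as an added example (not code from Samsung, Rapid7 or the original article). The `Tab` class, the `writeToTab` and `tryWrite` helpers and all URLs are hypothetical, and non-HTTP(S) URLs are treated as opaque as a simplification.

```javascript
// Added illustration; every URL here is a constructed sample value.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Reduce a URL to its origin tuple (scheme, host, port).
// Simplification: non-HTTP(S) URLs are treated as opaque and never match.
function originOf(urlString) {
  const u = new URL(urlString);
  if (!(u.protocol in DEFAULT_PORTS)) return null;
  return {
    scheme: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol],
  };
}

function sameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  if (oa === null || ob === null) return false;
  return oa.scheme === ob.scheme && oa.host === ob.host && oa.port === ob.port;
}

// Hypothetical stand-in for a browser tab that a script opened.
class Tab {
  constructor(url) { this.url = url; this.body = ""; }
  navigate(url) { this.url = url; this.body = ""; }
}

// The decision is made against the document the tab shows at access time,
// not the one it showed when the script opened it.
function writeToTab(scriptUrl, tab, html) {
  if (!sameOrigin(scriptUrl, tab.url)) {
    throw new Error(`SOP: ${scriptUrl} may not write into ${tab.url}`);
  }
  tab.body = html;
  return true;
}

// Returns true if the write was allowed, false if the policy blocked it.
function tryWrite(scriptUrl, tab, html) {
  try { return writeToTab(scriptUrl, tab, html); } catch (e) { return false; }
}
```
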

Mishra reported the vulnerability to Samsung, and the company replied that "the patch is already preloaded in our upcoming model Galaxy Note 8, and the application will be updated via Apps store update in October."

Meanwhile, Mishra, with the help of Tod Beardsley and Jeffrey Martin from the Rapid7 team, also released an exploit for the Metasploit Framework.

Rapid7 researchers have also published a video demonstrating the attack.

Since the Metasploit exploit code for the SOP bypass vulnerability in the Samsung Internet Browser is now publicly available, anyone with less technical knowledge can use and exploit the flaw on a large number of Samsung devices, most of which are still using the old Android Stock browser.