Home SECURITY Google Pixel’s built-in Markup image editor exposes user data

Google Pixel’s built-in Markup image editor exposes user data

0
Google Pixel’s built-in Markup image editor exposes user data

[ad_1]

Google Pixel’s built-in Markup image editor exposes user data

The vulnerability allows you to view the original version of the edited screenshot.

Information security experts Simon Aarons and David Buchanan discovered a vulnerability called aCropalypse in Markup image editor installed in devices Google Pixel that exposes sensitive user data.

Vulnerability ( CVE-2023-21036 ) occurs when processing images in PNG format. This issue exposes information from a previously edited file by the user. That is, after executing the Crop command (cropping) or retouching and saving the changes, you can view the original file. The vulnerability affects all Google Pixel devices from version 3 to version 7.


According to the researchers, the disadvantage is that when editing PNG images, Markup does not overwrite the entire new file after performing the actions and saving the result. The saved file contains data that can be used to partially or completely restore the original image.

Google is aware of this vulnerability and has rated it High Severity. Google has released an update, but it does not fix the problem with previously saved files.

Industry experts have already created a special site “acropalypse.app” to check for vulnerabilities in user screenshots already taken. According to them, many pictures from Pixel smartphones can contain hidden confidential and personal data of users, including banking information, addresses, passwords, and more. Users often send Markup-edited screenshots among themselves, and in this case Markup does not delete the data and writes it to the edited file.


Android developers and enthusiasts figured out that the vulnerability in Markup appeared after the API update in Android 10. Prior to the tenth version, the default “w” parameter was used in the “parseMode ()” function, which was passed when the file was trimmed, and the data was overwritten. Starting with Android 10, the command to reduce the file came after receiving the parameter “wt” (t – in this case, truncation). google so and not documented this situation, and when using the “wt” parameter, the system generated an error when overwriting a file if the new file was smaller than the old one.



[ad_2]

Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here