August 12, 2024 at 11:54AM
Vulnerabilities in Google’s Quick Share utility allowed man-in-the-middle attacks and unauthorized file transfers to Windows devices. SafeBreach discovered 10 vulnerabilities, prompting two CVEs, and detailed their findings at DEF CON 32. The flaws have been addressed, but the utility remains under scrutiny. A scheduled task vulnerability was also exploited.
The meeting notes provide details about the vulnerabilities in Google’s Quick Share data transfer utility. SafeBreach identified 10 vulnerabilities, including remote code execution (RCE) and unauthorized file write bugs. The flaws allowed threat actors to mount man-in-the-middle (MiTM) attacks, send files without approval, force application crashes, redirect traffic, and traverse paths to user folders. All vulnerabilities have been addressed, and two CVEs were assigned, namely CVE-2024-38271 (CVSS score of 5.9) and CVE-2024-38272 (CVSS score of 7.1). SafeBreach also discovered weaknesses in Quick Share’s communication protocol that allowed them to bypass the accept file dialog on Windows. They presented the findings at the DEF CON 32 conference and published comprehensive technical details on the identified vulnerabilities. These issues pose significant security risks and should be addressed promptly.