Googleโ€™s Chrome is a popular browser out there. While itโ€™s being used by billions daily, one of the browserโ€™s components was supposedly vulnerable to let attackers exploit the user data by executing malicious code remotely. The vulnerability was discovered recently and has been addressed.

The Magellan 2.0 Vulnerability

Termed as Magellan 2.0, this vulnerability, if exploited, can let an attacker execute malicious code remotely and can cause leaking program memory or program crashes. This check is surfaced by Tencent Blade Team from China, which was the same group that discovered its predecessor, Magellan 1.0.

The team says the browsers based on chromium and services using SQLite databases can be attacked. SQLite stores various browser settings and user data within. Any user visiting malicious sites that feed the SQLiteโ€™s database with improper inputs/commands can be hacked. If done successfully, a hacker can operate it remotely.

Magellan 2.0 Vulnerabilities
Image by Flickr

The study from Blade Team resulted in all the apps using the SQLite database are vulnerable to this attack. But, not much prone as Chrome browser as Googleโ€™s service uses WebSQL API which translates the JavaScript into SQL commands and fed into SQLiteโ€™s database, which eventually exposes the user to attack.

The new vulnerabilities are identified as

CVE-2019-13734/13750/13751/13752/13753.

Itโ€™s okay if your device isnโ€™t accepting external SQL queries, but having browsers with WebSQL or older SQLite functions can be exploited. Below are a few services that can be attacked:

  • Chrome/Chromium prior to version 79.0.3945.79 (Here in after referred to as โ€œold versionโ€).
  • Smart devices using an old version of Chrome/Chromium.
  • Browsers built with the old version of Chromium/Webview.
  • Android Apps that uses an old version of Webview and can access any web page.
  • Software that uses the old version of Chromium and can access any web page.

Following the vulnerability disclosure process, Tencent Blade Team decided not to disclose further details of this glitch yet. Theyโ€™d be doing this after 90days as specified.

Things To Do

Updating as usual. As Tencent has already informed Google and SQLite teams, theyโ€™ve released security patches in their latest updates. For Chrome, latest patch as version 79.0.3945.79 or (79.0.3945.73 in Android) has been released on December 13th which can be downloaded from Playstore, Appstore and respective browser stores for web versions.

Source: Tencent Blade Team

LEAVE A REPLY

Please enter your comment!
Please enter your name here