Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval.
The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by SafeBreach Labs in August 2024 under the name QuickShell. It has been addressed in Quick Share for Windows version 1.0.2002.2 following responsible disclosure in August 2024.
A consequence of these 10 vulnerabilities, collectively tracked as CVE-2024-38271 (CVSS score: 5.9) and CVE-2024-38272 (CVSS score: 7.1), was that they could have been fashioned into an exploit chain to obtain arbitrary code execution on Windows hosts.
Quick Share (previously Nearby Share) is a peer-to-peer file-sharing utility similar to Apple AirDrop that allows users to transfer files, photos, videos, and other documents between Android devices, Chromebooks, and Windows desktops and laptops in close physical proximity.
A follow-up analysis by the cybersecurity company found that two of the vulnerabilities were not fixed correctly, once again causing the application to crash or bypass the need for a recipient to accept a file transfer request by directly transmitting a file to the device instead.
Specifically, the DoS bug could be triggered by using a file name that starts with a different invalid UTF8 continuation byte (e.g., “\xc5\xff”) instead of a file name that starts with a NULL terminator (“\x00”).
On the other hand, the initial fix for the unauthorized file write vulnerability marked such transferred files as “unknown” and deleted them from the disk after the file transfer session was complete.
This, SafeBreach researcher Or Yair said, could be circumvented by sending two different files in the same session with the same “payload ID,” causing the application to delete only one of them, leaving the other intact in the Downloads folder.
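A simplified model of the cleanup gap described above, added here as an illustration and not taken from Quick Share or from SafeBreach's research: it assumes the receiver remembers "unknown" files in a map keyed by payload ID, which is one way a reused ID could leave a file behind. The class, function and file names are hypothetical, and the session input is constructed.

```python
import os
import tempfile


class ReceiveSession:
    """Simplified model of a receiver session; not Quick Share's real code."""

    def __init__(self, download_dir, hardened):
        self.download_dir = download_dir
        self.hardened = hardened
        self.unknown_by_id = {}   # weak bookkeeping: one path slot per payload ID
        self.written_paths = []   # hardened bookkeeping: every unapproved path

    def receive_unapproved(self, payload_id, name, data):
        # Hardened: a payload ID may be used only once per session.
        if self.hardened and payload_id in self.unknown_by_id:
            raise ValueError(f"duplicate payload ID {payload_id}")
        path = os.path.join(self.download_dir, os.path.basename(name))
        with open(path, "wb") as fh:
            fh.write(data)
        self.unknown_by_id[payload_id] = path  # a reused ID overwrites the slot
        self.written_paths.append(path)

    def close(self):
        # Weak cleanup walks the per-ID map; hardened cleanup walks every path.
        targets = self.written_paths if self.hardened else self.unknown_by_id.values()
        for path in targets:
            if os.path.exists(path):
                os.remove(path)


def leftover_after_session(hardened):
    """Run one constructed session and return files left in the download dir."""
    with tempfile.TemporaryDirectory() as download_dir:
        session = ReceiveSession(download_dir, hardened)
        # Constructed input: two unapproved files sharing payload ID 7.
        for payload_id, name, data in [(7, "first.bin", b"A"), (7, "second.bin", b"B")]:
            try:
                session.receive_unapproved(payload_id, name, data)
            except ValueError:
                pass  # hardened receiver drops the duplicate before writing
        session.close()
        return sorted(os.listdir(download_dir))


if __name__ == "__main__":
    print("per-ID cleanup leaves:", leftover_after_session(hardened=False))
    print("per-path cleanup leaves:", leftover_after_session(hardened=True))
```

Cleanup that is driven by the record of what was actually written to disk, combined with rejecting a reused ID, closes the gap regardless of how identifiers are chosen by the sender.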
“While this research is specific to the Quick Share utility, we believe the implications are relevant to the software industry as a whole and suggest that even when code is complex, vendors should always address the real root cause of vulnerabilities that they fix,” Yair said.