[ad_1]
A means of the Shortcuts app, com.apple.WorkflowKit.BackgroundShortcutRunner, which executes shortcuts within the background on Apple gadgets can nonetheless, regardless of being sandboxed by TCC, entry some delicate knowledge. This permits for crafting a malicious shortcut, which may then be circulated by Shortcut’s sharing mechanism.
“This sharing mechanism extends the potential attain of the vulnerability, as customers unknowingly import shortcuts which may exploit CVE-2023-23204,” Jabin mentioned in a weblog submit. “With Shortcuts being a broadly used function for environment friendly activity administration, the vulnerability raises considerations concerning the inadvertent dissemination of malicious shortcuts by various sharing platforms.”
The malicious shortcut makes use of an motion operate provisioned within the Shortcuts app, “Develop URL,” which permits for the enlargement and cleansing up of any URL that has been beforehand shortened utilizing shorteners equivalent to t.co and bit.ly.
This operate will be exploited to pick any delicate knowledge throughout the machine (Photographs, Contacts, Recordsdata, and Clipboard Knowledge), import it, and use base64 encoding to transform it for sending it to an attacker-controlled server, in keeping with JABIN.
Apple releases yet one more patch
The bug, which impacts macOS earlier than Sonoma 14.3, iOS earlier than 17.3, and iPadOS earlier than 17.3, has been consequently patched with further permission checks.
Along with making use of the patches on all Apple gadgets, Jabin has suggested Apple clients to train warning when executing shortcuts from untrusted sources.
[ad_2]
