Thursday, January 23, 2025
HomeCVE/vulnerabilityThinkware Cloud APK Vulnerability Allows Code Execution With Elevated Privileges

Thinkware Cloud APK Vulnerability Allows Code Execution With Elevated Privileges

Published on

SIEM as a Service

Follow Us on Google News

A critical vulnerability identified as CVE-2024–53614 has been discovered in the Thinkware Cloud APK version 4.3.46.

This vulnerability arises from the use of a hardcoded decryption key within the application. It allows malicious actors to access sensitive data and execute arbitrary commands with elevated privileges, potentially compromising the security of users’ devices and data.

The presence of a hardcoded key, which is a serious security flaw, means that attackers can easily decrypt data transferred between the app and the cloud service.

This can expose personal information, including login credentials, which could then be exploited to gain unauthorized access to the cloud service containing sensitive video and audio footage from dashcams, as per a report by George Chen shared in Medium.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

The vulnerability was responsibly disclosed to Thinkware on November 12, 2024. The disclosure was made through Thinkware’s PSTI vulnerability disclosure program under support ticket #132091.

Thinkware acknowledged the report on November 13, 2024, and confirmed that it had been forwarded to their mobile app development team for assessment.

A request for public disclosure of the vulnerability was initiated on November 19, 2024, and Thinkware was informed that the report would be shared with MITRE to ensure appropriate tracking and awareness.

Vulnerability Details:

The vulnerability is categorized under CWE-321: Use of Hard-coded Cryptographic Key.

This type of flaw indicates that the cryptographic key is embedded directly in the application code rather than being securely managed, allowing attackers to easily obtain the key and decrypt sensitive data.

For security reasons, the specific component affected within the Thinkware Cloud APK has been redacted. However, it is important for users and organizations relying on this application to be aware of the potential risks associated with this vulnerability.

The specific version of the Thinkware Cloud APK affected by this vulnerability is version 4.3.46. Users running this version are at risk and should take immediate action to secure their data and systems.

The attack vector involves a man-in-the-middle (MitM) scenario where an attacker intercepts the encrypted login data exchanged between the user and the Thinkware cloud service.

By leveraging the hardcoded decryption key, the attacker can decrypt the data to reveal login credentials, thereby gaining unauthorized access to sensitive data, such as video and audio footage captured by Thinkware’s dashcams.

To mitigate this vulnerability, users are advised to update to the latest version of the Thinkware Cloud APK as soon as an update is released. Developers should also remove hardcoded keys and implement secure key management practices.

Additionally, users should be cautious about using unsecured or public networks where MitM attacks are more likely to occur.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...