The newly discovered ZipperDown vulnerability may allow an remote code execution on iOS apps. It affects 15,978 out of 168,951 iOS apps (around 10%) in total.
Pangu Lab detected the vulnerability and they named it named it ZipperDown “common programming error, which leads to severe consequences such as data overwritten and even code execution in the context of affected Apps.”
ZipperDown is a very typical programming error that could allow attackers to overwrite the affected app’s data, or even gain code execution in the context of the affected app.
We confirmed several iOS apps with more than 100 millions users are vulnerable to #ZipperDown#, and found more than 10k iOS apps might have the same or similar issues. Check https://t.co/WOg5AGzREb and contact us for details and fix if your app is in the list.
— PanguTeam (@PanguTeam) May 15, 2018
The good news here is that the Execution of the Vulnerability is complicated. The attacker should have the control over the wireless network where the device connected and the affected app should run out of the sandbox.
According to Pangu Lab researchers analysis, the vulnerability affects some famous apps including Weibo, MOMO, NetEase Music, QQ Music and Kwai that are downloaded by more than 100 million users.
The ZipperDown vulnerability details were not disclosed in public to protect the end users, researchers recommend app developers to contact them for more details on ZipperDown.
Pangu Lab researchers said Android users also affected, according to their analysis with the popular Android apps have the similar issues. Android developers can check the vulnerability with ZipperDown Vulnerability Detector for Android, but it may have high false positives.
At this time there is no All-In-One detection for this vulnerability and the researchers recommend the manual inspection to confirm it.