Apple forgot to sanitize the Phone Number field for lost AirTags
Apple's AirTags (as seen clipped to a backpack, above) allow users to attempt to find their own device via location rebroadcast from other Apple users. If all else fails, the user can enable a "Lost mode" intended to display their phone number when a finder scans the missing AirTag. (credit: James D. Morgan / Getty Images)
The hits keep coming to Apple's bug-bounty program, which security researchers say is slow and inconsistent in responding to vulnerability reports.
This time, the vuln du jour is due to a failure to sanitize a user-input field: specifically, the phone number field AirTag owners use to identify their lost devices.
The Good Samaritan attack
AirTags are tiny, button-like devices which can be personalized with engraving and attached to easily lost devices either directly or via "loop" holders. (credit: James D. Morgan via Getty Images)
Security consultant and penetration tester Bobby Rauch discovered that Apple's AirTags (tiny devices which can be affixed to frequently lost items like laptops, phones, or car keys) don't sanitize user input. This oversight opens the door for AirTags to be used in a drop attack. Instead of seeding a target's parking lot with USB drives loaded with malware, an attacker can drop a maliciously prepared AirTag.
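An added example, not from the article and not Apple's code: one way to handle an owner-supplied phone number that is later shown to a finder, with an unescaped render beside a validated and escaped one. It assumes the field ends up in an HTML page; the function names, the markup, and the sample inputs are constructed for illustration.

```python
import html
import re

# Allow-list: optional leading +, then 7-15 digits (15 is the E.164 maximum).
PHONE_RE = re.compile(r"\+?[0-9]{7,15}")
# Separators people commonly type in phone numbers; stripped before validation.
SEPARATORS = re.compile(r"[\s().\-]")


class InvalidPhoneNumber(ValueError):
    """Raised when the field is anything other than a phone number."""


def normalize_phone(raw: str) -> str:
    """Return a canonical number or raise; markup is rejected, never 'cleaned'."""
    if not isinstance(raw, str) or len(raw) > 32:
        raise InvalidPhoneNumber("phone number missing or too long")
    candidate = SEPARATORS.sub("", raw.strip())
    if not PHONE_RE.fullmatch(candidate):
        raise InvalidPhoneNumber("phone number contains unexpected characters")
    return candidate


def render_unsafe(phone: str) -> str:
    """'Before' form: the stored field is interpolated into the page as-is."""
    return f"<p>Call the owner: {phone}</p>"


def render_safe(phone: str) -> str:
    """Hardened form: validate on the way in, escape on the way out."""
    number = normalize_phone(phone)
    escaped = html.escape(number, quote=True)
    return f'<p>Call the owner: <a href="tel:{escaped}">{escaped}</a></p>'


# Constructed sample inputs (hypothetical, not taken from the article).
SAMPLES = ["+1 (555) 010-0199", "<b>not a number</b>"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print("unsafe:", render_unsafe(sample))
        try:
            print("safe:  ", render_safe(sample))
        except InvalidPhoneNumber as exc:
            print("rejected:", exc)
```

Validation and output escaping are applied together on purpose: the allow-list keeps non-numeric content out of storage, and the escape protects the page even if a bad value is stored by some other path.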