APKLeaks, Android Security Tool, Has Patched Severe Vulnerability

APKLeaks, Android Security Tool, Has Patched Severe Vulnerability

APKLeaks’ maintainers have corrected a major vulnerability that may be used to execute arbitrary code remotely.

APKLeaks is open-source software developed by Indonesian security engineer Dwi Siswanto for analyzing Android application package (APK) files for URLs, endpoints, and secrets. FirmwareDroid, a backend solution for Android firmware analysis, makes use of the app.

According to a security advisory released on GitHub on January 21, the software’s maintainers claimed the security weakness “allows remote authenticated attackers to execute arbitrary OS commands via [the] package name inside application manifest.”

“An attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or modified or could cause other unintended behavior through malicious package name,” the alert goes on.

CVE-2021-21386 has been assigned a CVSS severity value of 9.3, up from a previous CVSS score of 7.3. The weakness is defined as an inappropriate neutralization of argument delimiters. The severe security flaw was discovered by developer ‘RyotaK‘ on March 19, 2021, and it involves a failure to guard against attackers supplying parameters that might trigger “unintended” instructions, remotely executing malware, or accessing or interfering with sensitive data.

The report also warns that attackers may use a malicious package name to carry out the additional undesired activity. There was no need for authentication to exploit the vulnerability. However, a fix issued with APKLeaks version 2.0.3 to address the weakness did not entirely repair the problem. According to RyotaK, the 2.0.4 patch fixed the problem in the program’s development branch, while v2.0.6-dev fixed the issue in the program’s master branch.

There was no response when reached out to the project’s developers with additional queries. A reply is still awaited to provide further updates.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.