AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Shareit android app9/4/2023 ![]() It's super easy to use! And the best part? Its free! With SHAREit you can also clean your phone to free up storage space, manage files on your phone, speed up your phone and save battery life, boost game performance by transferring game cache files directly from mobile to PC. Trusted by 2 billion+ users worldwide, you can be sure that SHAREit is a secure way to share your files. SHAREit is a super-fast and safe way to transfer big files. Trend Micro claims that "an attacker may craft a fake file, then replace those files via the aforementioned vulnerability to perform code execution.Share your files, apps, games, and more with the SHAREit file transfer app. This allows third-party apps to edit the data ShareIt uses to run, including the app cache generated during install and runtime. In effect, this vulnerability allows attackers to call on ShareIt's file-content provider and pass it a file path to get access to all of its data files. However, the developers behind ShareIt haven't given much thought to limit the app's content-provider capabilities, which can give attackers access to all files in ShareIt's "private" directory. It's up to developers to sanitize these cross-app capabilities and only expose the necessary file manager capabilities to Gmail and other apps." If Gmail wants to attach a file to an email, it can do that by showing a list of available file-content providers installed on your phone (it's basically an "open with" dialog box), and the user can pick their favorite file manager, navigate through their storage, and pass the file they want to Gmail. ![]() ![]() ![]() The publication notes: "Android prides itself on intra-app communication, partly because any app can create a content provider and provide its content and services to other apps. Elaborating on one of the vulnerabilities, Ars Technica reveals that ShareIt has one common Android app vulnerability that can give attackers read/write access to all of its files. ![]()
0 Comments
Read More
Leave a Reply. |