Improper Authentication in SHAREit for Android - CVE-2019-9939
Published: February 27, 2019 / Updated: March 22, 2019
SHAREit for Android
SHAREit Technologies Co.Ltd
Description
The vulnerability allows a remote attacker to bypass the authentication process.
The vulnerability exists because the application grants access permissions to any client that requests a non-existing page. A remote attacker can send an HTTP GET request for a non-existing page to the application on port 2999/tcp. The application will then add the attacker's device to the list of recognized devices, and subsequent requests to the application will be treated as authenticated.
A remote attacker with the ability to connect directly to the application over the network can bypass authentication and gain unauthorized access to files on the device.
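
The flaw described above, reduced to a small model next to a hardened counterpart that a developer could keep as a regression test. This is an added example, not SHAREit's code: the class names, the /download path, the status codes and the pairing secret are assumptions made for illustration.

```python
import hmac

# Constructed model of the flaw described in this advisory; not the vendor's code.
# KNOWN_PAGES, the status codes and the pairing step are assumptions.
KNOWN_PAGES = {"/download"}


class VulnerableServer:
    """Fail-open: the not-found branch registers the caller as recognized."""

    def __init__(self):
        self.recognized = set()

    def handle(self, device, path):
        if path not in KNOWN_PAGES:
            self.recognized.add(device)  # trust granted as a side effect of an error path
            return 404
        return 200 if device in self.recognized else 403


class HardenedServer:
    """Trust changes only through an explicit, verified pairing step."""

    def __init__(self, pairing_secret):
        self._secret = pairing_secret
        self.recognized = set()

    def pair(self, device, secret):
        if hmac.compare_digest(secret, self._secret):  # constant-time comparison
            self.recognized.add(device)
            return True
        return False

    def handle(self, device, path):
        if device not in self.recognized:
            return 403  # authorize before routing; error paths never touch state
        return 200 if path in KNOWN_PAGES else 404


# Constructed request sequence: protected page, non-existing page, protected page again.
SAMPLE = [("dev-A", "/download"), ("dev-A", "/no-such-page"), ("dev-A", "/download")]


def replay(server, requests):
    """Return the status code each request receives, in order."""
    return [server.handle(device, path) for device, path in requests]
```

In the vulnerable model the third request succeeds only because the second one hit the not-found branch; in the hardened model the same sequence is refused until `pair()` succeeds.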