CVE-2022-44560 The launcher module has an Intent redirection vulnerability

Redirection of an Intent will redirect the request from the component that created the Intent (e.g. activity, service, broadcast receiver, etc) to another component or process. An attacker may leverage this redirection to perform malicious activities, such as gathering private information, performing phishing attacks, exfiltrating data, or performing remote code execution. Redirection of an Intent is not enabled by default. To enable redirection, an application must explicitly enable it by calling { enableRedirection() }. An application may enable redirection by setting the activity component’s android:launchMode attribute to one of the following values: launch, launchWithContext, or default. When the android:launchMode attribute is set to launch, the Intent is always redirection, even if enabling it by calling enableRedirection() is not enabled.

Vulnerability overview

The vulnerability allows the attacker to perform a malicious activity on the targeted device.

1) The attacker sends an Intent to start a malicious activity.
2) The attacker sends another Intent to start an activity or service that will make the attack successful.
3) The target device is in launch mode, which means the Intent will always be redirected by default.

Mitigation Strategies:

Mitigation Strategies:

Vulnerability Details

An application may be vulnerable to this vulnerability if it enables redirection by setting the activity component’s android:launchMode attribute to one of the following values: launch, launchWithContext, or default.

CVE-2023-44561

Dangerous Broadcast Flag is not enabled by default. To enable the dangerous broadcast flag, an application must explicitly call { enableDangerousBroadcast() }.

Vulnerability Details

An attacker can leverage this vulnerability to perform malicious activities, such as gathering private information, performing phishing attacks, exfiltrating data, or performing remote code execution. Vulnerability details: An attacker may leverage redirection of an Intent to perform a phishing attack and gather private information, exfiltrate data, or perform remote code execution.

Timeline

Published on: 11/09/2022 21:15:00 UTC
Last modified on: 11/17/2022 15:16:00 UTC

References

• https://consumer.huawei.com/en/support/bulletin/2022/11/
• https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-44560