Plattform
ios
Komponente
bluecats-reveal
Behoben in
5.14.1
CVE-2019-5627 is a security vulnerability affecting BlueCats Reveal, an iOS mobile application. This vulnerability involves the insecure storage of usernames and passwords in the app cache as base64 encoded strings. An attacker gaining physical access to a compromised device could potentially extract these credentials and compromise the associated BlueCats network implementation. The vulnerability impacts versions of BlueCats Reveal prior to 5.14, and a fix is available in version 5.14.
The primary impact of CVE-2019-5627 is the exposure of user credentials. An attacker gaining physical access to an iOS device running a vulnerable version of BlueCats Reveal, or successfully installing a malicious application, can extract these credentials from the app cache. These credentials could then be used to compromise the BlueCats network implementation, potentially granting unauthorized access to sensitive data or control over network devices. The base64 encoding, while not encryption, still requires some effort to decode, but the persistence of the credentials even after logout significantly increases the risk. This vulnerability highlights the importance of secure credential storage practices in mobile applications.
CVE-2019-5627 was publicly disclosed on May 22, 2019. There is no indication of active exploitation campaigns targeting this vulnerability. It is not listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, likely due to the requirement for physical device access.
Organizations utilizing BlueCats Reveal for location-based services or asset tracking are at risk. This includes businesses deploying BlueCats beacons and relying on the mobile application for management and monitoring. Users with legacy iOS devices running older versions of BlueCats Reveal are particularly vulnerable, as are those who do not have robust mobile device management policies in place.
• ios / mobile:
# Check for BlueCats Reveal app installation
ls -l /Applications | grep BlueCats
# Examine app cache for base64 encoded strings (requires jailbreak or similar access)
# This is highly dependent on iOS version and app implementation
# Example (may not be accurate):
# grep -a '^[A-Za-z0-9+/]*={0,2}$' /private/var/containers/Data/Application/<APP_ID>/Documents/*disclosure
Exploit-Status
EPSS
0.06% (18% Perzentil)
CVSS-Vektor
The primary mitigation for CVE-2019-5627 is to upgrade BlueCats Reveal to version 5.14 or later, which addresses the insecure credential storage. If immediate upgrade is not possible due to compatibility issues or testing requirements, consider implementing mobile device management (MDM) policies to restrict app installations from untrusted sources. While not a direct fix, this can reduce the risk of malicious app compromise. Additionally, educate users about the risks of installing apps from unofficial sources and the importance of keeping their devices secure. There are no specific WAF or proxy rules that can directly address this vulnerability as it resides within the application itself.
Aktualisieren Sie die BlueCats Reveal App auf Version 5.14 oder höher. Diese Version behebt die unsichere Speicherung von Anmeldeinformationen. Stellen Sie sicher, dass Sie die App löschen und nach dem Aktualisieren neu installieren, um jeglichen vorhandenen Cache zu leeren.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2019-5627 is a vulnerability in BlueCats Reveal versions before 5.14 where usernames and passwords are stored in the app cache as base64 encoded strings, accessible with physical device access.
You are affected if you are using BlueCats Reveal versions prior to 5.14 on iOS devices. Check your app version and upgrade immediately if necessary.
Upgrade BlueCats Reveal to version 5.14 or later to resolve the insecure credential storage issue. Consider implementing MDM policies for enhanced security.
There are no known active exploitation campaigns targeting CVE-2019-5627 at this time, but the vulnerability is easily exploitable with physical device access.
Refer to the BlueCats security advisory for detailed information and updates regarding CVE-2019-5627: [https://www.bluecats.com/security-advisory/](https://www.bluecats.com/security-advisory/)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine Podfile.lock-Datei hoch und wir sagen dir sofort, ob du betroffen bist.