Platform
ios
Component
bluecats-reveal
Fixed in
5.14.1
CVE-2019-5627 is a security vulnerability affecting BlueCats Reveal, an iOS mobile application. This vulnerability involves the insecure storage of usernames and passwords in the app cache as base64 encoded strings. An attacker gaining physical access to a compromised device could potentially extract these credentials and compromise the associated BlueCats network implementation. The vulnerability impacts versions of BlueCats Reveal prior to 5.14, and a fix is available in version 5.14.
The primary impact of CVE-2019-5627 is the potential for unauthorized access to BlueCats networks. An attacker who obtains physical access to an iOS device running a vulnerable version of BlueCats Reveal can extract the stored username and password from the app cache. Because the credentials are stored in base64 encoded format, decoding them is trivial. This allows the attacker to impersonate a legitimate user and gain control of the BlueCats network, potentially leading to data breaches, unauthorized configuration changes, or disruption of services. The blast radius is limited to the specific BlueCats network implementation affected by the compromised credentials, but the consequences can be significant for organizations relying on this system.
CVE-2019-5627 was publicly disclosed on May 22, 2019. There are no known active exploitation campaigns targeting this vulnerability. No public proof-of-concept (PoC) code has been released, but the ease of decoding base64 encoded strings suggests that exploitation would be relatively straightforward for an attacker with physical access to a compromised device. This vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.06% (18% percentile)
CVSS Vector
The primary mitigation for CVE-2019-5627 is to upgrade BlueCats Reveal to version 5.14 or later, which addresses the insecure storage of credentials. If immediate upgrading is not possible, consider implementing mobile device management (MDM) policies to restrict access to sensitive data and enforce strong password policies. While base64 encoding is not encryption, it does provide a minimal level of obfuscation. However, relying on this is not a secure practice. There are no specific WAF or proxy rules that can directly address this vulnerability, as it resides within the application itself. Regular security audits of the BlueCats Reveal application and its configuration are also recommended.
Update the BlueCats Reveal application to version 5.14 or later. This version fixes the insecure storage of credentials. Ensure you delete the application and reinstall it after updating to clear any existing cache.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2019-5627 is a vulnerability in BlueCats Reveal versions before 5.14 where usernames and passwords are stored in the app cache as base64 encoded strings, accessible with physical device access.
You are affected if you are using BlueCats Reveal versions prior to 5.14 on iOS devices. Check your app version and upgrade immediately if necessary.
Upgrade BlueCats Reveal to version 5.14 or later to resolve the insecure credential storage issue. Consider implementing MDM policies for enhanced security.
There are no known active exploitation campaigns targeting CVE-2019-5627 at this time, but the vulnerability is easily exploitable with physical device access.
Refer to the BlueCats security advisory for detailed information and updates regarding CVE-2019-5627: [https://www.bluecats.com/security-advisory/](https://www.bluecats.com/security-advisory/)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your Podfile.lock file and we'll tell you instantly if you're affected.