Keep My Notes 1.80.147 - Improper Access Control
6,1
Medium
Discovered by
Offensive Team, Fluid Attacks
Summary
Full name
Keep My Notes 1.80.147 - Improper Access Control
Code name
State
Public
Release date
1 jun 2022
Affected product
Keep My Notes
Affected version(s)
Version 1.80.147
Vulnerability name
Improper Access Control
Vulnerability type
Remotely exploitable
No
CVSS v3.1 vector string
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS v3.1 base score
6.1
Exploit available
Yes
CVE ID(s)
Description
An attacker with physical access to the victim's device can bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
Proof of Concept
It is important to know that for a successful exploitation, the "Continue" button must be clicked repeatedly.
Steps to reproduce
Install and configure frida as indicated in the following link.
Now just run this command to hook the
runfunction so that it can be dynamically rewritten to bypass application protection.Now all you have to do is click the "Continue" button 3 or 4 times, then close the application and finally open it again.
System Information
Package Name: org.whiteglow.keepmynotes
Application Label: Keep My Notes
Mobile app version: 1.80.147
OS: Android 8.0 (API 26)
Exploit
Mitigation
There is currently no patch available for this vulnerability.
References
Vendor page http://www.kitetech.co/keepmynotes
Timeline
IA generativa
12 may 2022
Vendor Confirmed Vuln.
12 may 2022
Vendor contacted
12 may 2022
Public disclosure
1 jun 2022
