Security News > 2020 > February > MIT Researchers Find Vulnerabilities in Voatz Voting App

MIT Researchers Find Vulnerabilities in Voatz Voting App
2020-02-14 13:44

Vulnerabilities in the Voatz Internet voting app could allow adversaries to alter, stop, or expose a user's vote, security researchers from the Massachusetts Institute of Technology have discovered.

Developed by the private Boston-based Voatz, the application is the first Internet voting app to have been used in high-stakes U.S. federal elections and is "On track to be used in the 2020 Primaries," the researchers point out.

MIT researchers claim that, because Voatz restricts the use of their app on certain device models, adversaries may trick owners of unsupported devices into installing malicious apps via legitimate-looking websites.

For their analysis, the MIT researchers reverse engineered the Voatz Android application and used a clean-room reimplementation of Voatz's server.

The company says the analyzed application is old and was never used in elections and that, because the app never connected to a Voatz servers, the researchers make "Assumptions about the interactions between the system components that are simply false."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/TxHjhDaKgXU/mit-researchers-find-vulnerabilities-voatz-voting-app

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
MIT 6 3 15 12 7 37