Security News > 2024 > August > Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software's vaults and obtain the account unlock key, AgileBits has confirmed.
Discovered by the Robinhood Red Team during a security assessment of 1Password for Mac and then privately reported to the software's makers, the vulnerabilities have been fixed in two consecutive versions of the software: v8.10.36 and v8.10.38.
"An attacker is able to misuse missing macOS specific inter-process validations to hijack or impersonate a trusted 1Password integration such as the 1Password browser extension or CLI," the company says.
CVE-2024-42218 may allow attackers to bypass macOS-specific security mechanisms by using outdated versions of the 1Password for Mac app.
"To exploit the issue, an attacker must run malicious software on a computer specifically targeting 1Password for Mac. If an attacker is able to load an old version of 1Password on a user's computer, they could then access 1Password associated secrets stored in the macOS Keychain," the advisory notes.
"This issue leverages out-of-date versions of 1Password that contain vulnerabilities in 3rd party dependencies and are missing security hardening measures enabled in all modern versions of 1Password. An attacker can use the existence of these old versions to create an attack on newer versions of the apps."
News URL
https://www.helpnetsecurity.com/2024/08/09/cve-2024-42219-cve-2024-42218/
Related news
- Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) (source)
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- Critical VMware vCenter Server bugs fixed (CVE-2024-38812) (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-06 | CVE-2024-42218 | Unspecified vulnerability in 1Password 1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms. | 4.7 |