All the vulnerabilites related to Google - Nearby
cve-2024-38272
Vulnerability from cvelistv5
Published
2024-06-26 15:19
Modified
2024-08-02 04:04
Severity ?
EPSS score ?
Summary
Auth Bypass in Quick Share
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T17:10:56.595777Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T17:11:46.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2589"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/google/nearby",
"defaultStatus": "unaffected",
"product": "Nearby",
"repo": "https://github.com/google/nearby",
"vendor": "Google",
"versions": [
{
"lessThan": "1.0.1724.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Or Yair and Shmuel Cohen with SafeBreach"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNormally in Quick Share Windows app we can\u0027t send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode.\u0026nbsp;We recommend upgrading to version 1.0.1724.0 of Quick Share or above\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows.\u00a0Normally in Quick Share Windows app we can\u0027t send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode.\u00a0We recommend upgrading to version 1.0.1724.0 of Quick Share or above"
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T21:39:41.140Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/google/nearby/pull/2589"
},
{
"url": "https://github.com/google/nearby/pull/2402"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Auth Bypass in Quick Share",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-38272",
"datePublished": "2024-06-26T15:19:31.362Z",
"dateReserved": "2024-06-12T09:23:33.130Z",
"dateUpdated": "2024-08-02T04:04:25.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-10668
Vulnerability from cvelistv5
Published
2024-11-07 15:22
Modified
2024-11-07 16:10
Severity ?
EPSS score ?
Summary
Auth Bypass in Quickshare
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T16:09:55.288390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T16:10:57.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/google/nearby",
"defaultStatus": "unaffected",
"packageName": "Nearby",
"product": "Nearby",
"repo": "https://github.com/google/nearby",
"vendor": "Google",
"versions": [
{
"lessThan": "5d8b9156e0c339d82d3dab0849187e8819ad92c0",
"status": "affected",
"version": "0",
"versionType": "git"
},
{
"lessThan": "1.0.2002.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-10-04T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe root cause of the vulnerability lies in the fact that when a Payload Transfer frame of type FILE is sent to Quick Share, the file that is contained in this frame is written to disk in the Downloads folder. Quickshare normally deletes unkown files, however an attacker can send two Payload transfer frames of type FILE and the same payload ID. The deletion logic will only delete the first file and not the second. We recommend upgrading past commit\u0026nbsp;5d8b9156e0c339d82d3dab0849187e8819ad92c0 or\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eQuick Share Windows v1.0.2002.2\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim.\u00a0The root cause of the vulnerability lies in the fact that when a Payload Transfer frame of type FILE is sent to Quick Share, the file that is contained in this frame is written to disk in the Downloads folder. Quickshare normally deletes unkown files, however an attacker can send two Payload transfer frames of type FILE and the same payload ID. The deletion logic will only delete the first file and not the second. We recommend upgrading past commit\u00a05d8b9156e0c339d82d3dab0849187e8819ad92c0 or\u00a0Quick Share Windows v1.0.2002.2"
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/AU:N/R:U/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:22:24.280Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/google/nearby/pull/2892"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Auth Bypass in Quickshare",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-10668",
"datePublished": "2024-11-07T15:22:24.280Z",
"dateReserved": "2024-11-01T10:03:03.149Z",
"dateUpdated": "2024-11-07T16:10:57.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38271
Vulnerability from cvelistv5
Published
2024-06-26 15:19
Modified
2024-08-02 04:04
Severity ?
EPSS score ?
Summary
Denial of Service in Quick Share
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:nearby:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nearby",
"vendor": "google",
"versions": [
{
"lessThan": "1.0.1724.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T17:06:59.293625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T17:18:16.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2433"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2435"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2589"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/google/nearby/pull/2402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/google/nearby",
"defaultStatus": "unaffected",
"product": "Nearby",
"repo": "https://github.com/google/nearby",
"vendor": "Google",
"versions": [
{
"lessThan": "1.0.1724.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Or Yair and Shmuel Cohen with SafeBreach"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a vulnerability in Quick Share/Nearby, where an attacker can force a victim to stay connected to a temporary hotspot created for the sharing. As part of the sequence of packets in a Quick Share connection over Bluetooth, the attacker forces the victim to connect to the attacker\u2019s WiFi network and then sends an OfflineFrame that crashes Quick Share.\u003cbr\u003eThis makes the Wifi connection to the attacker\u2019s network last, instead of returning to the old network when the Quick Share session completes, allowing the attacker to be a MiTM. We recommend upgrading to version\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e1.0.1724.0 of Quick Share or above\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There exists a vulnerability in Quick Share/Nearby, where an attacker can force a victim to stay connected to a temporary hotspot created for the sharing. As part of the sequence of packets in a Quick Share connection over Bluetooth, the attacker forces the victim to connect to the attacker\u2019s WiFi network and then sends an OfflineFrame that crashes Quick Share.\nThis makes the Wifi connection to the attacker\u2019s network last, instead of returning to the old network when the Quick Share session completes, allowing the attacker to be a MiTM. We recommend upgrading to version\u00a01.0.1724.0 of Quick Share or above"
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T21:38:09.241Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/google/nearby/pull/2433"
},
{
"url": "https://github.com/google/nearby/pull/2435"
},
{
"url": "https://github.com/google/nearby/pull/2589"
},
{
"url": "https://github.com/google/nearby/pull/2402"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in Quick Share",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-38271",
"datePublished": "2024-06-26T15:19:13.955Z",
"dateReserved": "2024-06-12T09:23:33.130Z",
"dateUpdated": "2024-08-02T04:04:25.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}