PYSEC-2026-2671

Vulnerability from pysec - Published: 2026-07-13 15:19 - Updated: 2026-07-13 16:05
VLAI
Details

Summary

The fileID field from Manifest.db (a SQLite database inside iOS backups, generated by the device) is used directly in filesystem path construction without validation. This affects two commands through a shared code path:

  • mvt-ios decrypt-backup (decrypt.py): file_id is used to construct both read source and write destination paths. Traversal sequences in file_id cause decrypted content to be written to an arbitrary location on the analyst's filesystem.
  • mvt-ios check-backup (via _get_backup_file_from_id() in ios/modules/base.py): the same unvalidated fileID resolves to files outside the backup directory, which are then opened and parsed. Parsed contents flow into JSON results and CSV timeline.

Impact

File write (decrypt-backup): An adversary delivering a crafted iOS backup can cause attacker controlled content to be written to arbitrary paths writable by the analyst process. This could be leveraged for code execution via shell profile modification or SSH key injection. Severity is assessed as Moderate because exploitation requires a specifically crafted malicious bundle to be parsed by the analyst. There are trust mitigations between stakeholders involved in the handoff of the sample that reduce the likelihood of this scenario.

File read (check-backup): An adversary can force MVT to open and parse files outside the backup directory. Practical exploitation is reduced as it requires the attacker to know or guess the analyst’s directory layout for cross-case targeting, and the traversed file from the host must be a valid SQLite database or plist whose schema matches what the specific MVT module expects.

Patched version

2026.5.12

Credits

This issue was identified during a security assessment conducted by 0xche.

Impacted products
Name purl
mvt pkg:pypi/mvt

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mvt",
        "purl": "pkg:pypi/mvt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.5.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.11",
        "1.0.12",
        "1.0.13",
        "1.0.14",
        "1.0.15",
        "1.0.16",
        "1.0.17",
        "1.1.0",
        "1.1.1",
        "1.2.0",
        "1.2.1",
        "1.2.10",
        "1.2.11",
        "1.2.12",
        "1.2.13",
        "1.2.14",
        "1.2.2",
        "1.2.3",
        "1.2.4",
        "1.2.5",
        "1.2.6",
        "1.2.7",
        "1.2.8",
        "1.2.9",
        "1.4.0",
        "1.4.1",
        "1.4.10",
        "1.4.11",
        "1.4.2",
        "1.4.3",
        "1.4.4",
        "1.4.5",
        "1.4.6",
        "1.4.7",
        "1.4.8",
        "1.4.9",
        "1.5.1",
        "1.5.2",
        "1.5.3",
        "1.5.4",
        "1.5.5",
        "2.0",
        "2.0.1",
        "2.1",
        "2.1.1",
        "2.1.2",
        "2.1.3",
        "2.1.4",
        "2.1.5",
        "2.1.6",
        "2.2",
        "2.2.1",
        "2.2.2",
        "2.2.3",
        "2.2.4",
        "2.2.5",
        "2.2.6",
        "2.3.0",
        "2.4.0",
        "2.4.1",
        "2.4.2",
        "2.4.3",
        "2.4.4",
        "2.4.5",
        "2.5.0",
        "2.5.1",
        "2.5.2",
        "2.5.3",
        "2.5.4",
        "2.6.0",
        "2.6.1",
        "2.7.0",
        "2026.4.28"
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46486",
    "GHSA-5h3g-px23-w6vw"
  ],
  "details": "### Summary\n\nThe `fileID` field from `Manifest.db` (a SQLite database inside iOS backups, generated by the device) is used directly in filesystem path construction without validation. This affects two commands through a shared code path:\n\n- **`mvt-ios decrypt-backup`** (`decrypt.py`): `file_id` is used to construct both read source and write destination paths. Traversal sequences in `file_id` cause decrypted content to be written to an arbitrary location on the analyst\u0027s filesystem.\n- **`mvt-ios check-backup`** (via `_get_backup_file_from_id()` in `ios/modules/base.py`): the same unvalidated `fileID` resolves to files outside the backup directory, which are then opened and parsed. Parsed contents flow into JSON results and CSV timeline.\n\n### Impact\n\n**File write (decrypt-backup):** An adversary delivering a crafted iOS backup can cause attacker controlled content to be written to arbitrary paths writable by the analyst process. This could be leveraged for code execution via shell profile modification or SSH key injection. Severity is assessed as Moderate because exploitation requires a specifically crafted malicious bundle to be parsed by the\nanalyst. There are trust mitigations between stakeholders involved in the handoff of the sample that reduce the likelihood of this scenario.\n\n**File read (check-backup):** An adversary can force MVT to open and parse files outside the backup directory. Practical exploitation is reduced as it requires the attacker to know or guess the analyst\u2019s directory layout for cross-case targeting, and the traversed file from the host must be a valid SQLite database or plist whose schema matches what the specific MVT module expects.\n\n### Patched version\n[2026.5.12](https://github.com/mvt-project/mvt/releases/tag/v2026.5.12)\n\n### Credits\nThis issue was identified during a security assessment conducted by 0xche.",
  "id": "PYSEC-2026-2671",
  "modified": "2026-07-13T16:05:00.338543Z",
  "published": "2026-07-13T15:19:09.827231Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mvt-project/mvt/security/advisories/GHSA-5h3g-px23-w6vw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46486"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mvt-project/mvt"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mvt-project/mvt/releases/tag/v2026.5.12"
    },
    {
      "type": "PACKAGE",
      "url": "https://pypi.org/project/mvt"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-5h3g-px23-w6vw"
    }
  ],
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…