Executive Summary
Information | | | |
---|---|---|---|
Name | TA14-317A | First vendor Publication | 2014-11-13 |
Vendor | US-CERT | Last vendor Modification | 2014-11-13 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
CVSS vector: N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability SubScore | NA | | |
Security-Database Scoring CVSS v2
CVSS vector: | | | |
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Exploit Score | Not Defined | Authentication | Not Defined |
Detail
Overview

A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances.

Description

Masque Attack was discovered and described by FireEye mobile security researchers.[1] This attack works by luring users to install an app from a source other than the iOS App Store or their organizations’ provisioning system. In order for the attack to succeed, a user must install an untrusted app, such as one delivered through a phishing link.

This technique takes advantage of a security weakness that allows an untrusted app—with the same “bundle identifier” as that of a legitimate app—to replace the legitimate app on an affected device, while keeping all of the user’s data. This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier. Apple’s own iOS platform apps, such as Mobile Safari, are not vulnerable.

Impact

An app installed on an iOS device using this technique may:

Solution

iOS users can protect themselves from Masque Attacks by following three steps:

Further details on Masque Attack and mitigation guidance can be found on FireEye’s blog [1]. US-CERT does not endorse or support any particular product or vendor.
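
The weakness described above, as a toy model added here for illustration (not code from US-CERT, FireEye or Apple): it contrasts an installer that matches apps by bundle identifier only with one that also requires the same signing identity, and adds an inventory check a defender could run against an allowlist. The `App` class, the signer strings, the bundle identifier and the allowlist are all constructed assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class App:
    bundle_id: str
    signer: str                                # stand-in for the signing certificate identity
    data: dict = field(default_factory=dict)   # the app's local data container


def install(device: dict, new: App, enforce_signer: bool) -> str:
    """Install `new` on `device` (bundle_id -> App) and report what happened."""
    old = device.get(new.bundle_id)
    if old is None:
        device[new.bundle_id] = new
        return "installed"
    if enforce_signer and old.signer != new.signer:
        return "rejected"          # same bundle identifier, different certificate
    new.data = old.data            # a replacement keeps the user's existing data
    device[new.bundle_id] = new
    return "replaced"


def audit(device: dict, expected_signers: dict) -> list:
    """Bundle identifiers whose installed signer differs from the expected one."""
    return sorted(b for b, app in device.items()
                  if b in expected_signers and app.signer != expected_signers[b])


# Constructed allowlist: which signer each managed bundle identifier should have.
EXPECTED = {"com.example.bank": "SIGNER-A"}


def demo() -> dict:
    """Run the same two installs with and without the certificate match."""
    results = {}
    for enforce in (False, True):
        device = {}
        install(device, App("com.example.bank", "SIGNER-A", {"session": "cached"}), enforce)
        outcome = install(device, App("com.example.bank", "SIGNER-B"), enforce)
        results[enforce] = (outcome, device["com.example.bank"].data, audit(device, EXPECTED))
    return results


if __name__ == "__main__":
    for enforce, result in demo().items():
        print("enforce_signer =", enforce, "->", result)
```

Without the certificate match the second install replaces the first and inherits its data, and only the inventory audit notices; with the match enforced the install is rejected and the audit is clean.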
Original Source
URL: http://www.us-cert.gov/cas/techalerts/TA14-317A.html
Alert History
Date | Information |
---|---|
2014-11-13 21:23:24 | |