Introduction

The Google Chrome web browser is one of the most widely used browsers globally. As with any software, it is crucial to maintain good security practices and promptly address vulnerabilities as they are discovered. In today's post, we will explore CVE-2024-1694, a high-severity vulnerability that affected Google Chrome versions prior to 1.3.36.351.

A local attacker could exploit the vulnerability with a malicious file, taking advantage of an inappropriate implementation in Google Updater to bypass discretionary access control. With that potential harm in mind, we will go through the original references, a code snippet, and the exploit details to better understand how this vulnerability works and how to address it.

Vulnerability Overview

CVE-2024-1694, or the "local bypass of discretionary access control in Google Chrome," refers to an inappropriate implementation in Google Updater versions before 1.3.36.351. This weakness allowed local attackers to bypass various security measures implemented to protect the system against unauthorized access and modification.

Exploit Details

The exploitation process begins with the attacker creating a malicious file to target the Google Updater. They would then run an executable, such as an innocuous-looking application, to upload the malicious file. Once the malicious file is uploaded and executed, the attacker can bypass discretionary access control mechanisms.

Here's a code snippet providing an example of how a malicious file could be created:

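#include <stdio.h>
#include <stdlib.h>

int main(void)
{
    /* Placeholder content only; no real payload is shown here. */
    char payload[] = "Insert malicious payload here.";

    /* Open the output file and stop if it cannot be created. */
    FILE *file = fopen("malicious_file.c", "w");
    if (file == NULL) {
        perror("fopen");
        return EXIT_FAILURE;
    }

    /* Write the string without its trailing NUL byte. */
    fwrite(payload, 1, sizeof(payload) - 1, file);
    fclose(file);

    return EXIT_SUCCESS;
}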

With the malicious file created, the attacker can run an executable to exploit the vulnerability and bypass discretionary access control.

References

1. Google Chrome Vulnerability Tracking - CVE-2024-1694
2. Chromium Security Vulnerability Details - CVE-2024-1694

Mitigation and Prevention

To mitigate this vulnerability and prevent similar issues in the future, update your Google Chrome browser to the latest version (1.3.36.351 or later). The inappropriate implementation in Google Updater was fixed in version 1.3.36.351, and security measures are better equipped to handle such attacks as a result.

Verify the version of your Chrome browser by clicking on the three-dot menu found on the top-right corner, selecting "Help," then "About Google Chrome." The browser will display the current version and automatically update if needed.
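
For checking many machines at once, the version comparison can be scripted. The following is an added example, not code from the original post or from Google: it assumes Google Updater version strings have already been collected by an inventory tool, and the host names and versions in the sample are constructed.

```python
# Added example: flag hosts whose Google Updater version predates the fix.
FIXED = (1, 3, 36, 351)  # fixed version as stated in this post


def parse_version(text):
    """Parse a dotted four-part version into a tuple of ints, or return None."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(version_text, fixed=FIXED):
    """Return 'vulnerable', 'patched' or 'unknown' for one version string."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # never treat unparseable data as patched
    # Tuple comparison is numeric per component, so 1.3.36.99 < 1.3.36.351
    # even though "99" sorts after "351" as a string.
    return "vulnerable" if version < fixed else "patched"


def audit(inventory):
    """Map each host to its status; inventory is an iterable of (host, version)."""
    return {host: classify(version) for host, version in inventory}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = [
    ("ws-001", "1.3.36.351"),
    ("ws-002", "1.3.36.99"),
    ("ws-003", "1.3.36.352"),
    ("ws-004", "1.3.101.0"),
    ("ws-005", "unknown"),
    ("ws-006", "1.3.36"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" should be followed up manually rather than assumed to be patched.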

Conclusion

The CVE-2024-1694 vulnerability serves as a reminder of the importance of keeping your software up to date, especially when it is as widely used as Google Chrome. By staying informed on security vulnerabilities, updating your software, and following good security practices, you can keep your systems safe from potential attacks.

Timeline

Published on: 06/07/2024 20:15:10 UTC
Last modified on: 08/01/2024 13:46:10 UTC