Security News Vulnerability in 1Password for Mac lets attacker steal data from password vault

Gandalf_The_Grey

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Content source
https://www.security.nl/posting/853207/Lek+in+1Password+for+Mac+laat+aanvaller+data+uit+wachtwoordkluis+stelen
A vulnerability in 1Password for Mac allows data to be stolen from the password manager's password vault, as well as "derived values" used to log into 1Password. 1Password has released a security update to fix the problem. To exploit the vulnerability, however, an attacker must first be able to execute malware on a Mac running 1Password.

Through the vulnerability, the malware can impersonate a trusted 1Password integration, such as the 1Password browser extension. This allows the malware to steal data from the password vault and log into 1Password accounts. The impact of the vulnerability, referred to as CVE-2024-42219, is rated 7.0 on a scale of 1 to 10. Users are advised to update to 1Password for Mac version 8.10.36. The researchers who discovered the vulnerability will give a presentation on it tomorrow at the Defcon conference in Las Vegas.
Click to expand...
Translated from Dutch by DeepL

Lek in 1Password for Mac laat aanvaller data uit wachtwoordkluis stelen - Security.NL

www.security.nl www.security.nl
 
  • Like
  • +Reputation
  • Applause
Reactions: Researchspace, brambedkar59, Trident and 3 others
Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
"Through the vulnerability, the malware can impersonate a trusted 1Password integration, such as the 1Password browser extension." 1Password extension gets authenticated automatically, but some password managers excplicitly ask you to compare the two pins, the one displayed in the browser and the one that is displayed in the app itself. Would that approach protect against this kind of vulnerability?
 
  • Like
Reactions: Jonny Quest
Jonny Quest

Jonny Quest

Level 21
Verified
Top Poster
Well-known
Mar 2, 2023
1,081
Divine_Barakah said:
"Through the vulnerability, the malware can impersonate a trusted 1Password integration, such as the 1Password browser extension." 1Password extension gets authenticated automatically, but some password managers excplicitly ask you to compare the two pins, the one displayed in the browser and the one that is displayed in the app itself. Would that approach protect against this kind of vulnerability?
Click to expand...
What password mangers ask for the pin confirmation. Just curious, being a 1Password PC user.
 
  • Like
Reactions: Divine_Barakah

Similar threads

enaph
    • +Reputation
    • Like
Security News Apple Safari Flaw “HM Surf” Allows Unauthorized Data Access on macOS
Replies
0
Views
1,322
Security News
enaph
enaph
[correlate]
    • Like
Security News Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
Replies
0
Views
1,505
Security News
[correlate]
[correlate]
lokamoka820
    • Like
    • +Reputation
Security News Microsoft Office Apps Provide a New Path for Hackers
Replies
0
Views
2,116
Security News
lokamoka820
lokamoka820

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top