
Broken Authentication Vuln Threatens Amazon Photos Android App

A high-severity flaw in the Amazon Photos Android App — which has more than 50 million downloads — could allow attackers to steal a user’s Amazon access token and use it to access multiple Amazon APIs.

The team at Checkmarx alerted Amazon to the broken-authentication vulnerability in the Amazon Photos app for Android, which lets users share, print and store mobile photos.

The analysts said the bug is due to a component misconfiguration in the app’s manifest file: one of the app’s activities was declared as exported, which means any other app installed on the same device can launch it.

“Whenever this activity is launched, it triggers an HTTP request that carries a header with the customer’s access token,” the team said. The analysts also found that the launching app could control where that request was sent, so the token could be delivered to a server the attacker operates.
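The manifest check a reviewer would run for this class of bug, as an added example that is not Checkmarx’s or Amazon’s code: it parses an AndroidManifest.xml and lists components that other apps on the device can start (exported explicitly, or implicitly through an intent filter on older target SDKs) and that no permission guards. The two manifests are constructed for illustration; the package and class names (com.example.photos, ViewerActivity) are hypothetical.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
LAUNCHER_CATEGORY = "android.intent.category.LAUNCHER"


def _attr(elem, name):
    """Read an android:* attribute (None if absent)."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def _is_launcher(component):
    """The app's own launcher entry point must be exported; don't flag it."""
    for flt in component.findall("intent-filter"):
        for cat in flt.findall("category"):
            if _attr(cat, "name") == LAUNCHER_CATEGORY:
                return True
    return False


def is_exported(component, target_sdk):
    """Return True if other apps on the device can start this component.

    An explicit android:exported wins.  Otherwise activities, services and
    receivers are exported by default when they declare an <intent-filter>
    and the app targets API < 31 (API 31+ refuses to install such a manifest),
    and providers are exported by default when the app targets API < 17.
    """
    explicit = _attr(component, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    if component.tag == "provider":
        return target_sdk < 17
    return component.find("intent-filter") is not None and target_sdk < 31


def find_exposed_components(manifest_xml):
    """List (tag, fully qualified class) of exported, unguarded components."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package") or ""
    target_sdk = 1
    uses_sdk = root.find("uses-sdk")
    if uses_sdk is not None and _attr(uses_sdk, "targetSdkVersion"):
        target_sdk = int(_attr(uses_sdk, "targetSdkVersion"))
    findings = []
    for comp in root.find("application"):
        if comp.tag not in ("activity", "service", "receiver", "provider"):
            continue
        if not is_exported(comp, target_sdk):
            continue
        if _attr(comp, "permission") or _is_launcher(comp):
            continue  # reachable only with a permission, or the normal launcher
        name = _attr(comp, "name") or ""
        if name.startswith("."):
            name = package + name
        findings.append((comp.tag, name))
    return findings


# Constructed sample (hypothetical names): the viewer activity carries an
# intent filter and no android:exported, so on targetSdk 30 it is exported by
# default and any app on the device can start it.
WEAK_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.photos">
    <uses-sdk android:targetSdkVersion="30" />
    <application>
        <activity android:name=".MainActivity" android:exported="true">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
        <activity android:name=".ViewerActivity">
            <intent-filter>
                <action android:name="com.example.photos.VIEW" />
            </intent-filter>
        </activity>
    </application>
</manifest>
"""

# Hardened form: the same activity, explicitly not exported, so only the
# app's own code can start it and send the token-bearing request.
HARDENED_MANIFEST = WEAK_MANIFEST.replace(
    '<activity android:name=".ViewerActivity">',
    '<activity android:name=".ViewerActivity" android:exported="false">',
)


if __name__ == "__main__":
    print("weak:", find_exposed_components(WEAK_MANIFEST))
    print("hardened:", find_exposed_components(HARDENED_MANIFEST))
```

Run it over a decoded manifest (for example the output of apktool) rather than the binary XML inside the APK; the script expects plain text. A component that is flagged is not necessarily a bug, but any flagged component that reads caller-supplied data and then acts with the user’s credentials deserves the kind of review described above.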

The report added that, “with all these options available for an attacker, a ransomware scenario was easy to come up with as a likely attack vector. A malicious actor would simply need to read, encrypt, and re-write the customer’s files while erasing their history.”

To protect themselves, users should update to the latest version of the app. Checkmarx researchers said that installs made before Dec. 18 remain affected unless the app has been updated since then.
