Weak Randomization of BridgeSecret for Apache Cordova Android

Aleph Research Advisory

Identifier

CVE-2015-5257

Severity

Low

Product

Cordova Android

Vulnerable Version

Up to 3.6.4

Mitigation

Apply patches

Technical Details

Cordova uses a bridge that allows the Native Application to communicate with the HTML and Javascript that control the user interface. To protect this bridge on Android, from third-party hijacking, the framework uses a random value (BridgeSecret). However, BridgeSecret is not sufficiently random and can be determined in certain scenarios, allowing the adversary to bypass this protection mechanism.

Timeline

01-Mar-17
: Added as ALEPH-2015007.
20-Nov-15
: Public disclosure.

Credit

Roee Hay (@roeehay) of Aleph Research, HCL Technologies
David Kaplan (@depletionmode)

External References

Cordova security report