The bug, discovered by researchers from Checkmarx, stemmed from permission bypass issues in the Google Camera app. The issue (filed under CVE-2019-2234) affected Pixel phones, but further spilled over to devices from Samsung and other manufacturers.

“An attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do so,” the researchers write. “Additionally, we found that certain attack scenarios enable malicious actors to circumvent various storage permission policies, giving them access to stored videos and photos, as well as GPS metadata embedded in photos, to locate the user by taking a photo or video and parsing the proper EXIF data.”

The security firm has demonstrated a Proof-of-Concept of the attack in a video uploaded to YouTube.

Google has since confirmed the issue, thanking the researchers for their work. The good thing is that the bug has already been ironed out.

“We appreciate Checkmarx bringing this to our attention and working with Google and Android partners to coordinate disclosure,” the company said in a statement. “The issue was addressed on impacted Google devices via a Play Store update to the Google Camera Application in July 2019. A patch has also been made available to all partners.”

Still, maybe Google’s Project Zero researchers should catch a break from finding bugs in iOS to sort out their own security woes, so others don’t have to.

via CyberScoop