1Password Vulnerability Let Attackers Exfiltrate Vault Items

A prime vulnerability, designated as CVE-2024-42219, has been identified in 1Password 8 for Mac. This flaw enables malicious actors to exfiltrate vault items by bypassing the app’s platform security protections.

Robinhood’s Red Team responsibly disclosed the topic following an neutral security evaluate of 1Password for Mac.

CVE-2024-42219 – The Vulnerability

The vulnerability impacts the inter-direction of verbal exchange (IPC) protections of 1Password for Mac. Particularly, a malicious direction of working within the community on a machine can exploit this flaw to circumvent IPC protections.

This could likely enable an attacker to hijack or impersonate relied on 1Password integrations, equivalent to the 1Password browser extension or Whine Line Interface (CLI).

This vulnerability impacts all variations of 1Password 8 for Mac earlier to model 8.10.36 (released in July 2024). Users working these variations risk having their vault items exfiltrated by malicious application.

To mitigate this risk, customers of affected variations are strongly suggested to interchange to the most fresh model, 1Password, for Mac 8.10.36. The up so a long way model involves crucial patches to handle the safety flaw.

To consume this vulnerability, an attacker must scuttle malicious application on a goal computer designed to take good thing about 1Password for Mac. The attacker can misuse missing macOS-explicit inter-direction of validations to hijack or impersonate a relied on 1Password integration.

This could likely maybe well enable the exfiltration of vault items and the acquisition of derived values frail to be part of to 1Password, including the yarn free up key and “SRP-𝑥”.

1Password utilizes the map-native XPC interface for inter-direction of verbal exchange on macOS. XPC enforces additional protections by the hardened runtime, which prevents explicit native assaults by guaranteeing processes absorb protections in opposition to tampering.

This vulnerability resulted from missing inter-direction of validations, which has been addressed within the most fresh exchange. 1Password has expressed gratitude to Robinhood’s Red Team for their guilty disclosure, enabling the company to give protection to its customers proactively.

The company has confirmed that no-one has reported discovering or exploiting this field.