A few months ago, our security researchers and ethical hackers Thijs Alkemade and Daan Keuper examined the security of the CoronaCheck app. They found a number of interesting vulnerabilities.
Because it has become one of the most used apps in a short time, Daan and Thijs decided to research the CoronaCheck app for iOS. Soon several vulnerabilities were found that have to do with validating certificates. The CoronaCheck app has built in its own logic for validating certificates before setting up an encrypted connection. However, these checks were incorrect, which made it possible to bypass the validation in specific circumstances.
Vulnerabilities no direct impact
However, these vulnerabilities found in the CoronaCheck app had no direct impact on the users. This means that the data of users of the app could not be misused. Apple has added extra security measures in its operating system by default, so the vulnerabilities were not exploitable directly.
Daan and Thijs have made a report through the responsible disclosure contact information. In July 2021, the developers were informed of the vulnerabilities found. In October 2021, Computest found that not all recommendations had been followed correctly and an update was sent. All recommendations have now been implemented and the vulnerabilities have been resolved.
Curious about the technical details of this security investigation, how Apple tries to protect developers against this and the disclosure process?
Sector 7 - Security Research Centre
The research into the vulnerabilities in the CoronaCheck app was done in our Security Research Centre. On the top floor of Computest HQ, chief hackers from Sector 7, the research division of Computest Security, work in this lab on the most sensitive and complicated cyber research assignments.
More information about the investigations and vulnerabilities found in, among others, Zoom, Volkswagen and Proctorio: https://sector7.computest.nl/