SQLite is an in-process library that implements a self-contained, serverless, zero-configuration and transactional database engine. It is also an open-source system which means it is free to use and easily manipulated by the developer that is using it. SQLite is also one of the most widely used database engines with such as Google Chrome, Mozilla Firefox, Windows 10 and a multitude of other well-known programs. Tencent Blade Team (TBT) has been disclosing vulnerabilities in this system for over a year and has released a new report which outlines the latest flaws. Some of the flaws would allow an attacker to execute remote code and cause program crashes. TBT stated in their advisory: “If you are using a software that is using SQLite as component (without the latest patch, which is 13 Dec 2019), and it supports external SQL queries. Or, you are using Chrome that is before 79.0.3945.79 with WebSQL enabled, you may be affected. Other devices such as PC/Mobile devices/IoT devices may also be affected, depends on if there’s a proper attack surface.”
Analyst Notes
While TBT has not seen any attackers use this flaw in the wild as of yet, they have reported the vulnerabilities to google which has released a patch that addresses this flaw. As Google Chrome is designed to automatically update itself, it is recommended to verify that the auto-update feature is enabled in settings.
To read more: https://www.bleepingcomputer.com/news/security/new-magellan-20-sqlite-vulnerabilities-affect-many-programs/
