A security vulnerability has been discovered in CIRA’s Canadian Shield iOS application – an app designed to protect Canadian users from malware and phishing.
Canadian Shield, created by the Canadian Internet Registration Authority (CIRA) and launched last year, is a free DNS filtering service designed to block malware and phishing threats at the DNS level, with Android and iOS apps available to protect mobile devices.
The app works by changing a phone’s DNS settings to run requests through CIRA’s Canadian server network, with machine learning and AI used to detect patterns in apparently unrelated DNS lookups and block malicious activity.
However, security researcher David Coomber discovered that Canadian Shield was itself vulnerable to manipulator-in-the-middle (MitM) attacks, with version 4.0.12 and below of the iOS app failing to validate the SSL certificate it receives when connecting to the application server.
As a result, he explains, “an attacker who can perform a man-in-the-middle attack may present a bogus SSL certificate which the application will accept silently. Sensitive information could be captured by an attacker without the user’s knowledge.”
The vulnerability, described as medium severity, received a CVSS score of 5.9.
Mobile MitM
Coomber first attempted to report the issue on December 22 last year, with the CIRA team confirming receipt of the details on January 5.
On February 1, CIRA confirmed the issue and reported that it was working on an update, with version 4.0.13, which fixed the problem, released on February 22.
“This vulnerability impacted the connection between the app and the App Store, and no browsing, DNS, or customer data was vulnerable or impacted,” a CIRA spokesperson tells The Daily Swig.
“The vulnerability has been patched and an updated version of the Canadian Shield iOS app is now available for download via the App Store. We recommend all users of CIRA Canadian Shield on iOS update to the latest version.”
The spokesperson added: “We take our commitment to security very seriously, and we thank the researcher who spotted the vulnerability, and our partners at the Canadian Centre for Cyber Security for their assistance in helping keep CIRA Canadian Shield secure.”
Source: https://portswigger.net/daily-swig/shields-down-canadian-internet-authoritys-dns-filtering-service-broke-ssl-on-ios
